dev.balrog.nonprod.cloudops.mozgcp.net has failed the web security baseline

Question

dev.balrog.nonprod.cloudops.mozgcp.net has failed the web security baseline

Opened this issue 5 years ago · 3 comments

moz-hwine commented 5 years ago

Site https://dev.balrog.nonprod.cloudops.mozgcp.net has failed the web security baseline scan.

The failing tests are:

Strict-Transport-Security Header Not Set [10035] x 1

https://dev.balrog.nonprod.cloudops.mozgcp.net/update/3/Firefox/33.0/20141202185629/Darwin_x86_64-gcc3-u-i386-x86_64/en-US/release/default (502 Bad Gateway)

Content Security Policy (CSP) Header Not Set [10038] x 1

https://dev.balrog.nonprod.cloudops.mozgcp.net/update/3/Firefox/33.0/20141202185629/Darwin_x86_64-gcc3-u-i386-x86_64/en-US/release/default (502 Bad Gateway)

This issue was automatically raised.

This issue is managed automatically by the baseline scan:

If the failing tests change then it will be updated
If it is closed before the tests pass then a new one will be opened
When all of the tests pass then it will be closed

Full details, including how to test for these issues locally, can be found on this Security Baseline Service dashboard.
If you have any questions or concerns please get in contact with @psiinon

Answer 1 · 2019-12-31T00:25:10.000Z

It looks like this is a transient issue with reaching the backend.

Answer 2 · 2020-03-14T01:34:09.000Z

The web security baseline for site https://dev.balrog.nonprod.cloudops.mozgcp.net is still failing, this issue should stay open.

Answer 3 · 2020-03-14T02:17:04.000Z

I don't think dev actually works. Does stage fail?