ZAP Full Scan Report
github-actions commented
Site: https://xyz-demo-shop.azurewebsites.net
New Alerts
- Content Security Policy (CSP) Header Not Set [10038] total: 3:
- Missing Anti-clickjacking Header [10020] total: 3:
- Proxy Disclosure [40025] total: 18:
- Cookie with SameSite Attribute None [10054] total: 2:
- Cookie without SameSite Attribute [10054] total: 2:
- HTTPS Content Available via HTTP [10047] total: 11:
- Incomplete or No Cache-control Header Set [10015] total: 5:
- Private IP Disclosure [2] total: 1:
- Strict-Transport-Security Header Not Set [10035] total: 11:
- Timestamp Disclosure - Unix [10096] total: 20:
  - https://xyz-demo-shop.azurewebsites.net/safari-pinned-tab.svg
  - https://xyz-demo-shop.azurewebsites.net/static/js/2.c38abab7.chunk.js
  - https://xyz-demo-shop.azurewebsites.net/static/js/2.c38abab7.chunk.js
  - https://xyz-demo-shop.azurewebsites.net/static/js/2.c38abab7.chunk.js
  - https://xyz-demo-shop.azurewebsites.net/static/js/2.c38abab7.chunk.js
  - ..
- X-Content-Type-Options Header Missing [10021] total: 11:
- Cookie Slack Detector [90027] total: 18:
- Information Disclosure - Suspicious Comments [10027] total: 2:
- Modern Web Application [10109] total: 4:
View the following link to download the report.
RunnerID:1674665460