Skip to content
This repository has been archived by the owner on Feb 2, 2022. It is now read-only.

Leverage Mozilla Observatory to improve security #194

Open
rgreinho opened this issue Jan 23, 2020 · 3 comments · Fixed by #198
Open

Leverage Mozilla Observatory to improve security #194

rgreinho opened this issue Jan 23, 2020 · 3 comments · Fixed by #198
Assignees
@rgreinho

Comments

@rgreinho
Copy link
Member

Issue Type

  • Bug report
  • Feature request

Current Behavior

Using https://observatory.mozilla.org/analyze/viz.scrapd.org, we currently only score a "D" as we are missing several important headers.

Expected Behavior

The goal would be to follow the Mozilla recommendations and get an "A".
@rgreinho rgreinho self-assigned this Jan 23, 2020
@rgreinho
Copy link
Member Author

Using helmet seems to be a good approach to implement the security headers.

rgreinho added a commit that referenced this issue Jan 23, 2020
@rgreinho
Improves the security headers
48b64b2 
Attempts to fix all the security issues reported by the Mozilla
Observatory: https://observatory.mozilla.org/analyze/viz.scrapd.org

Fixes #194
@rgreinho rgreinho mentioned this issue Jan 23, 2020
Merged
@rgreinho
Copy link
Member Author

Mozilla observatory Report

image

rgreinho added a commit that referenced this issue Jan 24, 2020
@rgreinho
Improves the security headers
cdb3b7f 
Attempts to fix all the security issues reported by the Mozilla
Observatory: https://observatory.mozilla.org/analyze/viz.scrapd.org

Fixes #194
rgreinho added a commit to rgreinho/scrapdviz that referenced this issue Jan 26, 2020
@rgreinho
Improves the security headers
50a22d4 
Attempts to fix all the security issues reported by the Mozilla
Observatory: https://observatory.mozilla.org/analyze/viz.scrapd.org

Fixes scrapd#194
rgreinho added a commit that referenced this issue Jan 27, 2020
@rgreinho
Improves the security headers
ececd17 
Attempts to fix all the security issues reported by the Mozilla
Observatory: https://observatory.mozilla.org/analyze/viz.scrapd.org

Fixes #194
@mergify mergify bot closed this as completed in #198 Jan 29, 2020
mergify bot pushed a commit that referenced this issue Jan 29, 2020
@rgreinho
Improves the security headers (#198)
0f8b84d 
* Improves the security headers

Attempts to fix all the security issues reported by the Mozilla
Observatory: https://observatory.mozilla.org/analyze/viz.scrapd.org

Fixes #194

* Fix bad modules

* Fix CI violations

* Improves the security headers

Attempts to fix all the security issues reported by the Mozilla
Observatory: https://observatory.mozilla.org/analyze/viz.scrapd.org

Fixes #194

* save

* save
@rgreinho rgreinho reopened this Jan 29, 2020
@rgreinho
Copy link
Member Author

Re-opening this issues as the changes do not work with the static export.

Refer to this PR: vercel/next.js#4943 for some pointers.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@rgreinho rgreinho

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Improves the security headers scrapd/scrapdviz
1 participant
@rgreinho