mozilla

Observatory by Mozilla helps websites by teaching developers, system administrators, and security professionals how to configure their sites safely and securely. Let's take a look at the scores Observatory gives for a fairly straightforward Static Buildpack app, https://2017.keeprubyweird.com. Test Scores Test Pass Score Explanation Content Security Policy ✗ -25 Content Security Policy (CSP) header not implemented Cookies ― 0 No cookies detected Cross-origin Resource Sharing ✔ 0 Content is not visible via cross-origin resource sharing (CORS) files or headers HTTP Public Key Pinning ― 0 HTTP Public Key Pinning (HPKP) header not implemented (optional) HTTP Strict Transport Security ✗ -20…