Search overlay panel for performing site-wide searches

Salesforce (Heroku) Recognized as a Leader. Learn More!

static buildpack

Using HTTP Headers to Secure Your Site

Observatory by Mozilla helps websites by teaching developers, system administrators, and security professionals how to configure their sites safely and securely.

Let's take a look at the scores Observatory gives for a fairly straightforward Static Buildpack app, https://2017.keeprubyweird.com .

Test Scores

Test
Pass
Score
Explanation Content Security Policy
-25
Content Security Policy (CSP) header not implemented Cookies
0
No cookies detected Cross-origin Resource Sharing
0
Content is not visible via cross-origin resource sharing (CORS) files or headers

HTTP Public Key Pinning

0
HTTP Public Key Pinning (HPKP) header not implemented (optional) HTTP Strict Transport Security
-20
HTTP Strict Transport Security (HSTS) header not implemented

Subscribe to the full-text RSS feed for Caleb Hearth.