2018-02-20 website test - hosting provider cookie security: Difference between revisions

From annawiki
No edit summary
No edit summary
 
Line 3: Line 3:
! Link !! Score !! Grade !! Cookies
! Link !! Score !! Grade !! Cookies
|-
|-
| https://observatory.mozilla.org/analyze.html?host=strato.de || 5/100 || F || No cookies detected
| https://observatory.mozilla.org/analyze/strato.de || 5/100 || F || No cookies detected
|-
|-
| https://observatory.mozilla.org/analyze.html?host=ovh.de || 0/100 || F || -20 Cookies set without using the Secure flag or set over http
| https://observatory.mozilla.org/analyze/ovh.de || 0/100 || F || -20 Cookies set without using the Secure flag or set over http
|-
|-
| https://observatory.mozilla.org/analyze.html?host=1und1.de || 0/100 || F || -20 Cookies set without using the Secure flag or set over http
| https://observatory.mozilla.org/analyze/1und1.de || 0/100 || F || -20 Cookies set without using the Secure flag or set over http
|-
|-
| https://observatory.mozilla.org/analyze.html?host=inwx.de || 5/100 || F || -30 Session cookie set without using the HttpOnly flag
| https://observatory.mozilla.org/analyze/inwx.de || 5/100 || F || -30 Session cookie set without using the HttpOnly flag
|-
|-
| https://observatory.mozilla.org/analyze.html?host=do.de || 25/100 || D- || -30 Session cookie set without using the HttpOnly flag
| https://observatory.mozilla.org/analyze/do.de || 25/100 || D- || -30 Session cookie set without using the HttpOnly flag
|-
|-
| https://observatory.mozilla.org/analyze.html?host=all-inkl.com || 0/100 || F || -40 Session cookie set without using the Secure flag or set over http
| https://observatory.mozilla.org/analyze/all-inkl.com || 0/100 || F || -40 Session cookie set without using the Secure flag or set over http
|}
|}



Latest revision as of 2020-02-21T04:10:51

Mozilla Observatory
Link Score Grade Cookies
https://observatory.mozilla.org/analyze/strato.de 5/100 F No cookies detected
https://observatory.mozilla.org/analyze/ovh.de 0/100 F -20 Cookies set without using the Secure flag or set over http
https://observatory.mozilla.org/analyze/1und1.de 0/100 F -20 Cookies set without using the Secure flag or set over http
https://observatory.mozilla.org/analyze/inwx.de 5/100 F -30 Session cookie set without using the HttpOnly flag
https://observatory.mozilla.org/analyze/do.de 25/100 D- -30 Session cookie set without using the HttpOnly flag
https://observatory.mozilla.org/analyze/all-inkl.com 0/100 F -40 Session cookie set without using the Secure flag or set over http
  • 2018-02-20 an email has been sent to OVH, 1und1, INWX, DO, ALL-inkl to inform them about the issue
    • 2018-02-21 OVH: "Ich werde Ihr Feedback weiterleiten."
    • 2018-02-21 DO: "Ich habe dies an unsere Technik weitergegeben. Diese wird das Überprüfen."

2018-07-07

2018-09-20

  • netcup.de : F, 15/100, 5/11. HTTP Strict Transport Security (HSTS) header not implemented

2018-10-05

  • a1.net : F, 0/100, 6/11. Session cookie set without using the Secure flag or set over HTTP