2020-12-18 website test - strato.de
https://observatory.mozilla.org/analyze/strato.de
F Score: 10/100 Tests Passed: 5/11
Test | Score | Reason |
---|---|---|
Content Security Policy | -25 | Content Security Policy (CSP) header not implemented |
Cookies | 0 | No cookies detected |
Cross-origin Resource Sharing | 0 | Content is not visible via cross-origin resource sharing (CORS) files or headers |
HTTP Public Key Pinning | 0 | HTTP Public Key Pinning (HPKP) header not implemented (optional) |
HTTP Strict Transport Security | -20 | HTTP Strict Transport Security (HSTS) header not implemented |
Redirection | -10 | Redirects to HTTPS eventually, but initial redirection is to another HTTP URL |
Referrer Policy | 0 | Referrer-Policy header not implemented (optional) |
Subresource Integrity | 0 | Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin |
X-Content-Type-Options | -5 | X-Content-Type-Options header not implemented |
X-Frame-Options | -20 | X-Frame-Options (XFO) header not implemented |
X-XSS-Protection | -10 | X-XSS-Protection header not implemented |