FuzzManager icon indicating copy to clipboard operation
FuzzManager copied to clipboard
verified publisher icon MozillaSecurity

reachable.fuzzing.mozilla.org has failed the web security baseline

Open moz-hwine opened this issue 6 years ago • 2 comments

Site https://reachable.fuzzing.mozilla.org has failed the web security baseline scan.

The failing tests are:

Strict-Transport-Security Header Not Set [10035] x 3

  • https://reachable.fuzzing.mozilla.org/ (401 Unauthorized)
  • https://reachable.fuzzing.mozilla.org/robots.txt (401 Unauthorized)
  • https://reachable.fuzzing.mozilla.org/sitemap.xml (401 Unauthorized)

Content Security Policy (CSP) Header Not Set [10038] x 3

  • https://reachable.fuzzing.mozilla.org/ (401 Unauthorized)
  • https://reachable.fuzzing.mozilla.org/robots.txt (401 Unauthorized)
  • https://reachable.fuzzing.mozilla.org/sitemap.xml (401 Unauthorized)

This issue was automatically raised.

This issue is managed automatically by the baseline scan:

  • If the failing tests change then it will be updated
  • If it is closed before the tests pass then a new one will be opened
  • When all of the tests pass then it will be closed

Full details, including how to test for these issues locally, can be found on this Security Baseline Service dashboard. If you have any questions or concerns please get in contact with @psiinon

moz-hwine avatar Oct 30 '19 02:10 moz-hwine

This should be fixed except the CSP tests because we don't deploy CSP on this host.

choller avatar Nov 19 '19 13:11 choller

The following test(s) for site https://reachable.fuzzing.mozilla.org have now passed:

  • Strict-Transport-Security Header Not Set

Keep up the good work!

moz-hwine avatar Nov 20 '19 02:11 moz-hwine