Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ZAP Daily Report #309

Open
github-actions bot opened this issue Nov 1, 2023 · 0 comments
Open

ZAP Daily Report #309

github-actions bot opened this issue Nov 1, 2023 · 0 comments

Comments

@github-actions
Copy link

github-actions bot commented Nov 1, 2023
edited
Loading

ZAP Scan Results

Summary

  • Passed: 55
  • Warnings: 1
  • Failed: 0

Report for https://uat.peopleplus-template.pages.dev

ℹ️ Re-examine Cache-control Directives (Informational (Low)) — 2 Occurrences

See details

Ref: 10015

Description

The cache-control header has not been set properly or is missing, allowing the browser and proxies to cache content. For static assets like css, js, or image files this might be intended, however, the resources should be reviewed to ensure that no sensitive content will be cached.

Solution

For secure content, ensure the cache-control HTTP header is set with "no-cache, no-store, must-revalidate". If an asset should be cached consider setting the directives "public, max-age, immutable".

Other Info

See instances

ℹ️ User Agent Fuzzer (Informational (Medium)) — 24 Occurrences

See details

Ref: 10104

Description

Check for differences in response based on fuzzed User Agent (eg. mobile sites, access as a Search Engine Crawler). Compares the response statuscode and the hashcode of the response body with the original response.

Solution

Other Info

See instances
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
0 participants