[PulseGuardian] Improve HTTP observatory score for pulseguardian.mozilla.org

RESOLVED FIXED

Status

Webtools
Pulse
RESOLVED FIXED
a year ago
6 months ago

People

(Reporter: emorley, Unassigned)

Tracking

(Blocks: 1 bug)

Trunk
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

a year ago
https://observatory.mozilla.org/analyze.html?host=pulseguardian.mozilla.org

Current score is an F.

Will file dep bugs for obvious quick wins.
(Reporter)

Updated

a year ago
Depends on: 1342116
(Reporter)

Updated

a year ago
Depends on: 1342123
(Reporter)

Updated

a year ago
Depends on: 1342128
(Reporter)

Updated

a year ago
Depends on: 1342131

Updated

a year ago
Blocks: 1338680

Comment 1

8 months ago
Up from F to D. :)
Summary: [PulseGuardian] Improve HTTP observatory score for pulseguardian.mozilla.org (currently F) → [PulseGuardian] Improve HTTP observatory score for pulseguardian.mozilla.org (currently D)

Comment 2

8 months ago
Up to B-!
Summary: [PulseGuardian] Improve HTTP observatory score for pulseguardian.mozilla.org (currently D) → [PulseGuardian] Improve HTTP observatory score for pulseguardian.mozilla.org (currently B-)

Updated

8 months ago
Summary: [PulseGuardian] Improve HTTP observatory score for pulseguardian.mozilla.org (currently B-) → [PulseGuardian] Improve HTTP observatory score for pulseguardian.mozilla.org (currently B)

Comment 3

6 months ago
With OIDC auth now working correctly, and one small CSP change (https://github.com/mozilla-services/pulseguardian/commit/991686eb9b867e0b637d1c64e61d6c221a829750), HTTP Observatory now gives PulseGuardian an A+ rating. \o/

Apparently there's even more we can do ("The use of Referrer Policy can help protect the privacy of your users by restricting the information that browsers provide when accessing resources kept on other sites"), but given we can't get a higher grade, I'm closing this bug out.
Status: NEW → RESOLVED
Last Resolved: 6 months ago
Resolution: --- → FIXED
Summary: [PulseGuardian] Improve HTTP observatory score for pulseguardian.mozilla.org (currently B) → [PulseGuardian] Improve HTTP observatory score for pulseguardian.mozilla.org
You need to log in before you can comment on or make changes to this bug.