Bug 379399 - kde.org gets a B in observatory.mozilla.org
Summary: kde.org gets a B in observatory.mozilla.org
Status: RESOLVED FIXED
Alias: None
Product: www.kde.org
Classification: Websites
Component: general (show other bugs)
Version: unspecified
Platform: Other Linux
: NOR normal
Target Milestone: ---
Assignee: kde-www mailing-list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-05-01 10:36 UTC by Albert Astals Cid
Modified: 2021-12-11 17:02 UTC (History)
4 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Albert Astals Cid 2017-05-01 10:36:27 UTC 
I guess it'd be nice to get a better grade.

https://observatory.mozilla.org/analyze.html?host=www.kde.org
Comment 1 carl 2020-07-13 18:38:02 UTC 
We now get B+, it is progress but still not good. The biggest reason we get a bad grade is because we don't have a  Content Security Policy enabled.

I just added a basic one: default-src https: 'unsafe-inline' but to improve it more we will need to hunt for all the instance of inline js for example onclick="js code" and inline style for example style="width: 800px". There are tons of them in the generated changelogs for example :(
Comment 2 David Marzal 2021-12-07 22:42:32 UTC 
Now is a bare B.

The URL to the scan has changed:
https://observatory.mozilla.org/analyze/www.kde.org
Comment 3 Nate Graham 2021-12-11 16:34:21 UTC 
I notice that mozilla.org itself only gets a B+!

https://observatory.mozilla.org/analyze/www.mozilla.org
Comment 4 Albert Astals Cid 2021-12-11 16:37:59 UTC 
As reporter of the original bug, i think "B" is an acceptable result (compared to the D+ we got before)  and I'd be fine if we decided to close this as fixed
Comment 5 Nate Graham 2021-12-11 17:02:43 UTC 
FWIW google.com gets a c- and wikipedia.org gets a D+! Since the criteria here seem very strict, B is probably fine, yeah.