Jasper Moelker

icon indicating a website link https://www.voorhoede.nl

icon company De Voorhoede

Results 28 issues of Jasper Moelker

[WIP] Add SSL Grade audit

Don't merge this PR yet. Things that need to be discussed: * error handling * max duration of ssl test Result if passing (used `https://rabobank.nl`): Result if failing due to...

Add Respects DNT Header audit?

The [DNT Header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/DNT) tells servers to Do Not Track a user. We can audit if a site respects this header. So are Google Analytics, Hotjar, ... loaded if the header...

Add Referrer-Policy header audit?

The Referrer-Policy header is new and arguably a good practice. It accepts a various different values: `""`, `"no-referrer"`, `"no-referrer-when-downgrade"`, `"same-origin"`, `"origin"`, `"strict-origin"`, `"origin-when-cross-origin"`, `"strict-origin-when-cross-origin"`, `"unsafe-url"`. Alternatively a `noreferrer` value can...

Add WebCrypto API Audit?

Lighthouse has a [Do Better Web](https://github.com/GoogleChrome/lighthouse#what-is-do-better-web) section: > Do Better Web is an initiative within Lighthouse to help web developers modernize their existing web applications. By running a set of...

Add Credential Management API Audit?

Lighthouse has a [Do Better Web](https://github.com/GoogleChrome/lighthouse#what-is-do-better-web) section: > Do Better Web is an initiative within Lighthouse to help web developers modernize their existing web applications. By running a set of...

Add X-Content-Type-Options audit

1 comment

See: * https://scotthelme.co.uk/hardening-your-http-response-headers/#x-content-type-options * https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options

Add SSL Test

[ssllabs.com/ssltest/](https://www.ssllabs.com/ssltest/) grades the SSL of each server in the response chain of a page request. It grades certificate, protocol support, key exchange and cipher strength. There's an [API and node...

Check manifest.json for CSP settings?

[Example of CSP defined in manifest.json](https://github.com/GoogleChrome/lighthouse/blob/2f9d2cd731e6519afb1237a866be4c9faf208c4c/lighthouse-extension/app/manifest.json#L31)

Add Semantic Release to auto release on update?

We've been using this in several Voorhoede projects. It simplifies releasing new versions and publishing them to npm. This is often forgotten or you just sometimes make mistakes when doing...

Suggest as "Related project" at GoogleChrome/lighthouse

See [GoogleChrome/lighthouse > Related Projects](https://github.com/GoogleChrome/lighthouse#related-projects).