lighthouse-security
lighthouse-security copied to clipboard
voorhoede
Runs the default Google Lighthouse tests with additional security tests
This pull request fixes one or more vulnerable packages in the npm dependencies of this project. See the [Snyk test report](https://snyk.io/test/github/voorhoede/lighthouse-security) for this project for details. The PR includes: -...
Let’s get started with automated dependency management for lighthouse-security :muscle: ⚠️ We found a `package-lock.json` file in this repository. You need to use [greenkeeper-lockfile](https://github.com/greenkeeperio/greenkeeper-lockfile) to make sure it gets updated...
![greenkeeper[bot] avatar](https://avatars.githubusercontent.com/in/505?v=4 "greenkeeper[bot] avatar"){kind=avatar}
Note: is much easier to achieve after #58 is merged.
For instance in: * **Secure connection**: HTTPS, redirect HTTP -> HTTPS, SSL grade, ... * **Secure cookies**: Secure Cookie, HttpOnly, ... * **Secure UX**: Paste Password, opens external links with...
See [Safe Browsing Lookup API](https://developers.google.com/safe-browsing/v4/lookup-api) and [Phishtank API](https://www.phishtank.com/api_info.php). Inspired by [Passmarked's Malware module](https://github.com/passmarked/malware).
Don't merge this PR yet. Things that need to be discussed: * error handling * max duration of ssl test Result if passing (used `https://rabobank.nl`): Result if failing due to...
The [DNT Header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/DNT) tells servers to Do Not Track a user. We can audit if a site respects this header. So are Google Analytics, Hotjar, ... loaded if the header...