/
autoblog.com.html
115 lines (108 loc) · 7.12 KB
/
autoblog.com.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>CSP Data for autoblog.com</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css"
integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm"
crossorigin="anonymous">
<style>
.table td, .table th {
padding: .75rem;
vertical-align: top;
border-top: 1px solid #dee2e6;
text-align: inherit;
}
pre {
margin: 0px;
white-space: pre-wrap; /* css-3 */
white-space: -moz-pre-wrap; /* Mozilla, since 1999 */
white-space: -pre-wrap; /* Opera 4-6 */
white-space: -o-pre-wrap; /* Opera 7 */
word-wrap: break-word; /* Internet Explorer 5.5+ */
}
abbr[title] {
border-bottom: none !important;
cursor: inherit !important;
text-decoration: none !important;
}
</style>
</head>
<body>
<h1 style="margin: 12px;">CSP Data for: <a href="http://autoblog.com" target="_blank">autoblog.com</a></h1>
<table class="table table-hover">
<thead>
<tr>
<th scope="col" style="min-width: 1em; max-width: 1em;">#</th>
<th scope="col" style="min-width: 8em; max-width: 8em;">Time Frame</th>
<th scope="col" style="min-width: 5em; max-width: 5em;">Framing Control</th>
<th scope="col" style="min-width: 6em; max-width: 6em;">TLS Enforce</th>
<th scope="col" style="min-width: 6em; max-width: 6em;">Content Control</th>
<th scope="col" style="min-width: 6em; max-width: 6em;">Third JS Parties</th>
<th scope="col" style="min-width: 6em; max-width: 6em;">'unsafe-inline'</th>
<th scope="col" style="min-width: 6em; max-width: 6em;">http / https / *</th>
<th scope="col" style="min-width: 6em; max-width: 6em;">data:</th>
<th scope="col" style="min-width: 4em; max-width: 4em;">Diffs</th>
<th scope="col" style="min-width: 95em; max-width: 95em;">Normalized Policy</th>
</tr>
</thead>
<tbody>
<tr>
<td><pre>0</pre></td>
<td><abbr title="Time Frame"><pre>2018-10-26 - 2018-11-05</pre></abbr></td>
<td><abbr title="Is Framing Control?"><pre>False</pre></abbr></td>
<td><abbr title="Is TLS Enforcement?"><pre>True</pre></abbr></td>
<td><abbr title="Is Content Restriction?"><pre>True</pre></abbr></td>
<td><abbr title=""><pre>0</pre></abbr></td>
<td><abbr title="Has 'unsafe-inline' without hashes/nonces"><pre>True</pre></abbr></td>
<td><abbr title="Has whitelisted whole schemata"><pre>True</pre></abbr></td>
<td><abbr title="Has whitelisted data URIs"><pre>False</pre></abbr></td>
<td><abbr title=""><pre>0</pre></abbr></td>
<td style="min-width: 20em; max-width: 20em;"><abbr title="Normalized CSP"><pre>block-all-mixed-content; <b>default-src</b> https: 'unsafe-inline' 'unsafe-eval'; <b>img-src</b> data: https:; <b>object-src</b> 'none'; <b>sandbox</b> allow-popups-to-escape-sandbox allow-forms allow-popups allow-same-origin allow-scripts allow-presentation; upgrade-insecure-requests; <b>worker-src</b> 'self'; </pre></abbr></td>
</tr>
<tr>
<td><pre>1</pre></td>
<td><abbr title="Time Frame"><pre>2018-11-06 - 2018-11-08</pre></abbr></td>
<td><abbr title="Is Framing Control?"><pre>False</pre></abbr></td>
<td><abbr title="Is TLS Enforcement?"><pre>True</pre></abbr></td>
<td><abbr title="Is Content Restriction?"><pre>True</pre></abbr></td>
<td><abbr title=""><pre>0</pre></abbr></td>
<td><abbr title="Has 'unsafe-inline' without hashes/nonces"><pre>True</pre></abbr></td>
<td><abbr title="Has whitelisted whole schemata"><pre>True</pre></abbr></td>
<td><abbr title="Has whitelisted data URIs"><pre>False</pre></abbr></td>
<td><abbr title="- sandbox allow-popups-to-escape-sandbox allow-forms allow-popups allow-same-origin allow-scripts allow-presentation"><pre>6</pre></abbr></td>
<td style="min-width: 20em; max-width: 20em;"><abbr title="Normalized CSP"><pre>block-all-mixed-content; <b>default-src</b> https: 'unsafe-inline' 'unsafe-eval'; <b>img-src</b> data: https:; <b>object-src</b> 'none'; upgrade-insecure-requests; <b>worker-src</b> 'self'; </pre></abbr></td>
</tr>
<tr>
<td><pre>2</pre></td>
<td><abbr title="Time Frame"><pre>2018-11-09 - 2018-11-19</pre></abbr></td>
<td><abbr title="Is Framing Control?"><pre>False</pre></abbr></td>
<td><abbr title="Is TLS Enforcement?"><pre>True</pre></abbr></td>
<td><abbr title="Is Content Restriction?"><pre>True</pre></abbr></td>
<td><abbr title=""><pre>0</pre></abbr></td>
<td><abbr title="Has 'unsafe-inline' without hashes/nonces"><pre>True</pre></abbr></td>
<td><abbr title="Has whitelisted whole schemata"><pre>True</pre></abbr></td>
<td><abbr title="Has whitelisted data URIs"><pre>False</pre></abbr></td>
<td><abbr title="+ sandbox allow-top-navigation allow-popups-to-escape-sandbox allow-forms allow-popups allow-modals allow-same-origin allow-top-navigation-by-user-activation allow-scripts allow-presentation"><pre>9</pre></abbr></td>
<td style="min-width: 20em; max-width: 20em;"><abbr title="Normalized CSP"><pre>block-all-mixed-content; <b>default-src</b> https: 'unsafe-inline' 'unsafe-eval'; <b>img-src</b> data: https:; <b>object-src</b> 'none'; <b>sandbox</b> allow-top-navigation allow-popups-to-escape-sandbox allow-forms allow-popups allow-modals allow-same-origin allow-top-navigation-by-user-activation allow-scripts allow-presentation; upgrade-insecure-requests; <b>worker-src</b> 'self'; </pre></abbr></td>
</tr>
<tr>
<td><pre>3</pre></td>
<td><abbr title="Time Frame"><pre>2018-11-20 - END</pre></abbr></td>
<td><abbr title="Is Framing Control?"><pre>False</pre></abbr></td>
<td><abbr title="Is TLS Enforcement?"><pre>False</pre></abbr></td>
<td><abbr title="Is Content Restriction?"><pre>False</pre></abbr></td>
<td><abbr title=""><pre>0</pre></abbr></td>
<td><abbr title="Has 'unsafe-inline' without hashes/nonces"><pre>False</pre></abbr></td>
<td><abbr title="Has whitelisted whole schemata"><pre>False</pre></abbr></td>
<td><abbr title="Has whitelisted data URIs"><pre>False</pre></abbr></td>
<td><abbr title="- default-src https: 'unsafe-inline' 'unsafe-eval'
- object-src 'none'
- worker-src 'self'
- img-src data: https:
- upgrade-insecure-requests
- block-all-mixed-content
- sandbox allow-top-navigation allow-popups-to-escape-sandbox allow-forms allow-popups allow-modals allow-same-origin allow-top-navigation-by-user-activation allow-scripts allow-presentation"><pre>16</pre></abbr></td>
<td style="min-width: 20em; max-width: 20em;"><abbr title="Normalized CSP"><pre></pre></abbr></td>
</tr>
</tbody></table></body></html>