Anti-spam team, Confirmed users
99
edits
User:Apking/Web Security Guidelines: Difference between revisions
User:Apking/Web Security Guidelines (view source)
Revision as of 22:32, 18 February 2016
, 18 February 2016tweaks to chart
(Tweak table a bunch, OpSec to Infosec) |
(tweaks to chart) |
||
| Line 60: | Line 60: | ||
| data-sort-value="1" | [[#HTTPS|<span style="color: black;">HTTPS</span>]] | | data-sort-value="1" | [[#HTTPS|<span style="color: black;">HTTPS</span>]] | ||
| data-sort-value="4" style="text-align: center;" | Maximum | | data-sort-value="4" style="text-align: center;" | Maximum | ||
| data-sort-value="1" style="text-align: center;" | | | data-sort-value="1" style="text-align: center;" | Easy | ||
| style="text-align: center;" data-sort-value="0" | | | style="text-align: center;" data-sort-value="0" | | ||
| Mandatory | | Mandatory | ||
| Line 74: | Line 74: | ||
| data-sort-value="3" style="padding-left: 1.5em;" | [[#HTTP Redirections|<span style="color: black;">Redirections from HTTP</span>]] | | data-sort-value="3" style="padding-left: 1.5em;" | [[#HTTP Redirections|<span style="color: black;">Redirections from HTTP</span>]] | ||
| data-sort-value="4" style="text-align: center;" | Maximum | | data-sort-value="4" style="text-align: center;" | Maximum | ||
| data-sort-value="1" style="text-align: center;" | | | data-sort-value="1" style="text-align: center;" | Easy | ||
| style="text-align: center;" | 3 | | style="text-align: center;" | 3 | ||
| Mandatory | | Mandatory | ||
| Line 81: | Line 81: | ||
| data-sort-value="4" style="padding-left: 1.5em;" | [[#Resource Loading|<span style="color: black;">Resource Loading</span>]] | | data-sort-value="4" style="padding-left: 1.5em;" | [[#Resource Loading|<span style="color: black;">Resource Loading</span>]] | ||
| data-sort-value="4" style="text-align: center;" | Maximum | | data-sort-value="4" style="text-align: center;" | Maximum | ||
| data-sort-value="1" style="text-align: center;" | | | data-sort-value="1" style="text-align: center;" | Easy | ||
| style="text-align: center;" | 2 | | style="text-align: center;" | 2 | ||
| Mandatory for all websites | | Mandatory for all websites | ||
| Line 88: | Line 88: | ||
| data-sort-value="5" style="padding-left: 1.5em;" | [[#HTTP Strict Transport Security|<span style="color: black;">Strict Transport Security</span>]] | | data-sort-value="5" style="padding-left: 1.5em;" | [[#HTTP Strict Transport Security|<span style="color: black;">Strict Transport Security</span>]] | ||
| data-sort-value="3" style="text-align: center;" | High | | data-sort-value="3" style="text-align: center;" | High | ||
| data-sort-value="1" style="text-align: center;" | | | data-sort-value="1" style="text-align: center;" | Easy | ||
| style="text-align: center;" | 4 | | style="text-align: center;" | 4 | ||
| Mandatory for all websites | | Mandatory for all websites | ||
| Line 95: | Line 95: | ||
| data-sort-value="6" style="padding-left: 1.5em;" | [[#HTTPS|<span style="color: black;">TLS Configuration</span>]] | | data-sort-value="6" style="padding-left: 1.5em;" | [[#HTTPS|<span style="color: black;">TLS Configuration</span>]] | ||
| data-sort-value="2" style="text-align: center;" | Medium | | data-sort-value="2" style="text-align: center;" | Medium | ||
| data-sort-value="1" style="text-align: center;" | | | data-sort-value="1" style="text-align: center;" | Easy | ||
| style="text-align: center;" | 1 | | style="text-align: center;" | 1 | ||
| Mandatory | | Mandatory | ||
| Line 109: | Line 109: | ||
| data-sort-value="8" | [[#Cookies|<span style="color: black;">Cookies</span>]] | | data-sort-value="8" | [[#Cookies|<span style="color: black;">Cookies</span>]] | ||
| data-sort-value="3" style="text-align: center;" | High | | data-sort-value="3" style="text-align: center;" | High | ||
| data-sort-value="1" style="text-align: center;" | | | data-sort-value="1" style="text-align: center;" | Medium | ||
| style="text-align: center;" | 7 | | style="text-align: center;" | 7 | ||
| Mandatory for all new websites<br>Recommended for existing websites | | Mandatory for all new websites<br>Recommended for existing websites | ||
| Line 116: | Line 116: | ||
| data-sort-value="9" | [[#contribute.json|<span style="color: black;">contribute.json</span>]] | | data-sort-value="9" | [[#contribute.json|<span style="color: black;">contribute.json</span>]] | ||
| data-sort-value="1" style="text-align: center;" | Low | | data-sort-value="1" style="text-align: center;" | Low | ||
| data-sort-value="1" style="text-align: center;" | | | data-sort-value="1" style="text-align: center;" | Easy | ||
| style="text-align: center;" | 9 | | style="text-align: center;" | 9 | ||
| Mandatory for all new Mozilla websites<br>Recommended for existing Mozilla sites | | Mandatory for all new Mozilla websites<br>Recommended for existing Mozilla sites | ||
| Line 123: | Line 123: | ||
| data-sort-value="10" | [[#Cross-origin Resource Sharing|<span style="color: black;">Cross-origin Resource Sharing</span>]] | | data-sort-value="10" | [[#Cross-origin Resource Sharing|<span style="color: black;">Cross-origin Resource Sharing</span>]] | ||
| data-sort-value="3" style="text-align: center;" | High | | data-sort-value="3" style="text-align: center;" | High | ||
| data-sort-value="1" style="text-align: center;" | | | data-sort-value="1" style="text-align: center;" | Easy | ||
| style="text-align: center;" | 11 | | style="text-align: center;" | 11 | ||
| Mandatory | | Mandatory | ||
| Line 137: | Line 137: | ||
| data-sort-value="12" | [[#robots.txt|<span style="color: black;">robots.txt</span>]] | | data-sort-value="12" | [[#robots.txt|<span style="color: black;">robots.txt</span>]] | ||
| data-sort-value="1" style="text-align: center;" | Low | | data-sort-value="1" style="text-align: center;" | Low | ||
| data-sort-value="1" style="text-align: center;" | | | data-sort-value="1" style="text-align: center;" | Easy | ||
| style="text-align: center;" | 13 | | style="text-align: center;" | 13 | ||
| Optional | | Optional | ||
| Line 151: | Line 151: | ||
| data-sort-value="14" | [[#X-Content-Type-Options|<span style="color: black;">X-Content-Type-Options</span>]] | | data-sort-value="14" | [[#X-Content-Type-Options|<span style="color: black;">X-Content-Type-Options</span>]] | ||
| data-sort-value="1" style="text-align: center;" | Low | | data-sort-value="1" style="text-align: center;" | Low | ||
| data-sort-value="1" style="text-align: center;" | | | data-sort-value="1" style="text-align: center;" | Easy | ||
| style="text-align: center;" | 8 | | style="text-align: center;" | 8 | ||
| Recommended for all websites | | Recommended for all websites | ||
| Line 158: | Line 158: | ||
| data-sort-value="15" | [[#X-Frame-Options|<span style="color: black;">X-Frame-Options</span>]] | | data-sort-value="15" | [[#X-Frame-Options|<span style="color: black;">X-Frame-Options</span>]] | ||
| data-sort-value="3" style="text-align: center;" | High | | data-sort-value="3" style="text-align: center;" | High | ||
| data-sort-value="1" style="text-align: center;" | | | data-sort-value="1" style="text-align: center;" | Easy | ||
| style="text-align: center;" | 5 | | style="text-align: center;" | 5 | ||
| Mandatory for all websites | | Mandatory for all websites | ||
| Line 165: | Line 165: | ||
| data-sort-value="16" | [[#X-XSS-Protection|<span style="color: black;">X-XSS-Protection</span>]] | | data-sort-value="16" | [[#X-XSS-Protection|<span style="color: black;">X-XSS-Protection</span>]] | ||
| data-sort-value="1" style="text-align: center;" | Low | | data-sort-value="1" style="text-align: center;" | Low | ||
| data-sort-value="2" style="text-align: center;" | | | data-sort-value="2" style="text-align: center;" | Medium | ||
| style="text-align: center;" | 12 | | style="text-align: center;" | 12 | ||
| Mandatory for all new websites<br>Recommended for existing websites | | Mandatory for all new websites<br>Recommended for existing websites | ||