HTTP Headers Analysis for https://farm.apereo.org

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Basic

base-uri; object-src; report-uri; +3 more

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

origin

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers

Accept-Ranges

Performance

none

Transfer-Encoding

Performance

chunked

Vary

Performance

Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding

Caching Headers

3 headers

Cache-Control

Caching

no-cache, no-store, max-age=0, must-revalidate

Expires

Caching

Mon, 01 Jan 1990 00:00:00 GMT

Pragma

Caching

no-cache

Content Headers

1 headers

Content-Type

Content

text/html; charset=utf-8

Server Headers

1 headers

Server

ESF

CORS Headers

0 headers

No CORS headers found

Cookies Headers

0 headers

No cookies headers found

Other Headers

3 headers

Date

Other

Wed, 05 Nov 2025 22:50:46 GMT

Document-Policy

Other

include-js-call-stacks-in-crash-reports

Reporting-Endpoints

Other

default="/web-reports?jobset=prod&bl=editors.sites-viewer-frontend_20251029.02_p0&app=25&clss=1&context=eJwNz31UzQccx_Gf3_39Pllpt26lW9LDvUMtknaQ6qrb7Uk2M2b3irNQFymhUh6nDjHt4WBYMSupU7oiMjLsNGwnHJsw1haWEpKilQqrff54nfP-fv77WhfZFg41CpU2RmGmo1H4mOx3GAUvGsg3Cm8XGAWp2Cg4kv6EUTDeNwpL6GK7UbhJn7qYhFTqHmkSJHeTsPodk5BLCZEmIZ2yaBsF-d4RBghj7wjuFPqgS4wm_-weMZA6c3rEXlqb3Cvm0OWQPrGezun6xEv00twnDlBZXp94jBZd6ReXUYLqlZhMqcKgmEl9boOiMHJQ7F4zKL6h92YrFMEUmqNQRNOshwpFHK3pDJKyaXxPsDSZxPwQyZrOHAmRfqaYQJ00kzKMYdIGqnHTS7X0IlYv9dPmZ3rpC_p7fbjUTDWWcKmWdJXhUiTtWWmQDlBCpkFKJrHKIFnT4RMG6ThNOWWQ9JTqFSFlUq9vpDRIgcsipTAatSpSGkdbWiOlL8k0MUpaQJd_iJIaaPfX0VIJlVMN5SfHSEXUrJomPaVGq1iphbJmF8qbqGlpofyE6i1s-vN0ofwP1f9bJDdQ-IhiOZY8PyyWvWlh4yE5iTZ2HpJz6ezSEvkiVaSUyCfoSnOJfIPUx0tlT7JaXyYryTa3THYiF49y2Yu855bL_hS-vVyOpVltFXIcraK1dHiGRT5OTYkW-QmdL7fIv9Bk30o5lOprK-UGSks4Kq-jtuVH5S7aV9kmF1Nd3VP5OplC2-UFNO9Cu5xAV03P5Juk3P9MdibFw2GwoSqlLWpodI0t_OjOpbdxnzIDlPiMPihUYg61ltqhg_Lm22MXWR7bo5qWttljJVn5q6CkIRoHvEXVkx1wlsICHRBDkxY6YCoF3HVEED3a6oRO2lQ8HNtoTONwjKfvEpxRQtYpzlDRq1T2Cmds91RjJy2ZqMYTsxov6GSlGueo77IawhU1Nhx0wRa6VeyCRsrKc8UmetXpCvG5Kw70uqKUdqeOQAG17BiBdtqjd8M-mhfrhgX0h8UddX-54xp5d7rDn-a8cEccnZrngTOLPfATtZ30QBdNt_LEbKqe7MmfPdGU5ImOGk-8pPWHvLCZIjq98D6ljNcggyZFaxBMTqs1GEmvczVQbNUguUiDdDp_TYMLNOw3Deypl95Q1O8aTKdyqqSvBjTYQ8UTtKig_0K0kHVaVIVqUUPtSVp00_O1WvSQ8KMWQynulhaLKNY4GrOo2TQaT0k3dwwiSWnvDUe69703mul2K5tqlD6opRZ7H7RTg4MPmui1ow8UTj749nYQyqheCMZVSzBuUr9dCAbIMiME1TQo6GA1RIdgGx2m08q9Oqyhxl1T0UJmRSiWkfWoUKiocWwYWqjWEIbrpL0UBl9abtBjNTXk65HTpsd22hllQAENNxugphcpBvSTXQ5v6lREYJAU8yNgQ8E3ImCgex0RaKXuqki8IYeEKKjp4MYoLMmOwgp6lhGNHtIcica71FUZjVf0jV8M9lPEpBhMo7V08X4MrlJBRwxu5T1AI8U_foBEUn3UAlfKjm_B52Td3wIVpWW3Yh21OT9CF1W0P0Jm8WMcuNuGUtob9BTepzugGjb018PH6mCXXdZwQ-EqfZJkztKMNScmZaxIS_dLT8owp4_L5GZOG7c4bUVqhjk1MT7AP2DiBP-AKX7-AfEr_f8HQUZksQ&build-label=editors.sites-viewer-frontend_20251029.02_p0&imp-sid=CN_E5LuM3JADFbFKqwId7Qc9fg&is-cached-offline=false"

Recommendations

Enable compression (gzip/brotli) to improve performance