Diagnostics

Metrics

_pk_ses.109.b3ed

_pk_id.109.b3ed

grist_core

Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.

Node.js

Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.

Bootstrap

BackboneJS is a JavaScript library that allows to develop and structure the client side applications that run in a web browser.

Backbone.js

Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.

Express

Underscore.js is a JavaScript library which provides utility functions for common programming tasks. It is comparable to features provided by Prototype.js and the Ruby language, but opts for a functional programming design instead of extending object prototypes.

Underscore.js

Matomo Analytics is a free and open-source web analytics application, that runs on a PHP/MySQL web-server.

Matomo Analytics

jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.

jQuery UI

jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.

jQuery

core-js is a modular standard library for JavaScript, with polyfills for cutting-edge ECMAScript features.

core-js

HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.

HSTS

Webpack is an open-source JavaScript module bundler.

Webpack

Babel is a free and open-source transcompiler for writing next generation JavaScript.

Babel

Open Graph is a protocol that is used to integrate any web page into the social graph.

Open Graph

Module Federation is a webpack technology for dynamically loading parts of other independently deployed builds.

Impact	Description	Documentation
-25	Content Security Policy (CSP) header not implemented	Implement one, see MDN's Content Security Policy (CSP) documentation.
-20	`X-Frame-Options` (XFO) header not implemented.	Documentation for x-frame-options-sameorigin-or-deny
-5	Cookies set without using the `Secure` flag, but transmission over HTTP prevented by HSTS.	Documentation for cookies-secure-with-httponly-sessions
-5	`X-Content-Type-Options` header not implemented.	Documentation for x-content-type-options-nosniff

https://grist.incubateur.anct.gouv.fr/o/docs/

Mozilla HTTP observatory

SSL

Expiration : 25/06/2025