Diagnostics

Metrics

_pk_ses.147.204e

_pk_id.147.204e

Websites that have a shopping cart or checkout page, either using a known ecommerce platform or a custom solution.

Cart Functionality

TYPO3 is a free and open-source Web content management system written in PHP.

TYPO3 CMS

PHP is a general-purpose scripting language used for web development.

Matomo Analytics is a free and open-source web analytics application, that runs on a PHP/MySQL web-server.

Matomo Analytics

Turnstile is Cloudflare's smart CAPTCHA alternative.

Cloudflare Turnstile

Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.

Cloudflare

Progressive Web Apps (PWAs) are web apps built and enhanced with modern APIs to deliver enhanced capabilities, reliability, and installability while reaching anyone, anywhere, on any device, all with a single codebase.

Open Graph is a protocol that is used to integrate any web page into the social graph.

Open Graph

HTTP/3 is the third major version of the Hypertext Transfer Protocol used to exchange information on the World Wide Web.

Impact	Description	Documentation
-25	Content Security Policy (CSP) header not implemented	Implement one, see MDN's Content Security Policy (CSP) documentation.
-20	`Strict-Transport-Security` header not implemented.	Add HSTS. Consider rolling out with shorter periods first (as suggested on https://hstspreload.org/).
-20	`X-Frame-Options` (XFO) header not implemented.	Documentation for x-frame-options-sameorigin-or-deny
-5	Subresource Integrity (SRI) not implemented, but all external scripts are loaded over HTTPS.	Add SRI to external scripts.
-5	`X-Content-Type-Options` header not implemented.	Documentation for x-content-type-options-nosniff

https://www.conseiller-numerique.gouv.fr/

Mozilla HTTP observatory

SSL

Grade capped to A. HSTS is not offered

Grade capped to B. TLS 1.0 offered

Grade capped to B. TLS 1.1 offered