ZAP: policy

- Site: [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
 	 **New Alerts** 
	- **CORS Misconfiguration** [40040] total: 4:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml) 
	- **CSP: Wildcard Directive** [10055] total: 2:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
	- **CSP: style-src unsafe-inline** [10055] total: 2:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
	- **Proxy Disclosure** [40025] total: 4:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml) 
	- **Cookie with SameSite Attribute None** [10054] total: 2:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
	- **Insufficient Site Isolation Against Spectre Vulnerability** [90004] total: 2:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
	- **Permissions Policy Header Not Set** [10063] total: 2:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
	- **Cookie Slack Detector** [90027] total: 4:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml) 
	- **Non-Storable Content** [10049] total: 2:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
	- **Re-examine Cache-control Directives** [10015] total: 3:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
	- **Sec-Fetch-Dest Header is Missing** [90005] total: 4:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml) 
	- **Sec-Fetch-Mode Header is Missing** [90005] total: 4:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml) 
	- **Sec-Fetch-Site Header is Missing** [90005] total: 4:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml) 
	- **Sec-Fetch-User Header is Missing** [90005] total: 4:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml) 
	- **Session Management Response Identified** [10112] total: 2:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
	- **Storable and Cacheable Content** [10049] total: 3:  
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/robots.txt) 
		- [https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml](https://onroutebc-test-policy.apps.silver.devops.gov.bc.ca/sitemap.xml) 



View the [following link](https://github.com/bcgov/onroutebc/actions/runs/14712678474) to download the report.
RunnerID:14712678474

---
[ZAP by Checkmarx](https://checkmarx.com/)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

ZAP: policy #1985

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

ZAP: policy #1985

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions