{ "scan": { "algorithmVersion": 4, "grade": "C+", "error": null, "score": 60, "statusCode": 200, "testsFailed": 2, "testsPassed": 8, "testsQuantity": 10, "responseHeaders": { "accept-ranges": "bytes", "age": "46", "content-type": "text/html; charset=utf-8", "date": "Mon, 10 Nov 2025 07:13:17 GMT", "etag": "W/\"85b6b-Hc6bFGYUsWpnfqQcJR9bwjoDGQg-gzip\"", "grace": "", "via": "1.1 volto-clms-varnish-1 (Varnish/7.7)", "x-backend": "cluster(frontend:(null))", "x-backend-name": "cluster(10.42.4.63:3000)", "x-cache": "HIT", "x-cacheable": "YES", "x-url": "/en", "x-varnish": "8520294 12058931", "transfer-encoding": "chunked", "server": "HTTPS", "x-frame-options": "SAMEORIGIN", "referrer-policy": "strict-origin-when-cross-origin", "content-security-policy": "default-src 'self'; object-src 'self'; base-uri 'self'; form-action 'self'; connect-src 'self' blob: https://globalland.vito.be https://api.friendlycaptcha.com/ https://sh.dataspace.copernicus.eu/ https://gisco-services.ec.europa.eu/ https://s3-eu-west-1.amazonaws.com/ https://geoserver.geoville.com/ https://geoserver.vlcc.geoville.com https://raw.githubusercontent.com https://clms-prod.eea.europa.eu https://land.copernicus.eu https://*.eea.europa.eu https://api.openaire.eu https://api.openaire.com https://api.zotero.org/ https://cdn.arcgis.com/ https://www.arcgis.com/ https://utility.arcgisonline.com/ https://js.arcgis.com/ https://services.arcgisonline.com https://services.arcgis.com https://geocode.arcgis.com https://static.arcgis.com https://basemaps.arcgis.com/ https://*.arcgis.com/ https://*.eionet.europa.eu http://*.eea.europa.eu https://land.copernicus.eu https://*.land.copernicus.eu https://*.vgt.vito.be https://*.hrvpp.vgt.vito.be https://cloudferro.sentinel-hub.com https://geospatial.jrc.ec.europa.eu https://image.discomap.eea.europa.eu; font-src 'self' data: https://cdnjs.cloudflare.com/ https://cdn.arcgis.com/ https://js.arcgis.com/ https://fonts.gstatic.com/ https://*.eea.europa.eu https://*.eionet.europa.eu https://land.copernicus.eu https://*.land.copernicus.eu; frame-src 'self' https://sbsimo.github.io/ https://europa.eu/ https://*.europa.eu/ https://*.eea.europa.eu https://*.eionet.europa.eu http://*.eea.europa.eu https://eea.maps.arcgis.com/ https://land.copernicus.eu https://*.land.copernicus.eu https://www.youtube.com https://youtube.com; img-src http: https: blob: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://matomo.eea.europa.eu https://js.arcgis.com/ https://geocode.arcgis.com https://services.arcgis.com https://api.openaire.eu https://api.openaire.com https://api.zotero.org/ https://www.google.com/jsapi https://www.google.com/uds/ https://www.gstatic.com/ https://spreadsheets.google.com/ https://docs.google.com/ https://*.eea.europa.eu https://*.eionet.europa.eu http://*.eea.europa.eu https://d3js.org https://cdnjs.cloudflare.com https://code.jquery.com https://land.copernicus.eu https://*.land.copernicus.eu https://public.tableau.com; frame-ancestors 'self' *.eionet.europa.eu *.eea.europa.eu *.discomap.eea.europa.eu; media-src https://*.eea.europa.eu; style-src 'self' 'unsafe-inline' https://www.google.com/uds/ https://js.arcgis.com/ https://api.openaire.eu https://api.openaire.com https://api.zotero.org/ https://fonts.googleapis.com/css https://ajax.googleapis.com/ https://www.gstatic.com/ https://*.eionet.europa.eu https://*.eea.europa.eu https://cdnjs.cloudflare.com https://code.jquery.com; report-uri https://sentry.eea.europa.eu/api/28/security/?sentry_key=6afdc4d9e7a148509fa0841b0e58a958", "access-control-allow-headers": "Authorization, Content-Type, content-type", "permissions-policy": "accelerometer=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(self), usb=()", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "x-content-type-options": "nosniff", "x-xss-protection": "1; mode=block", "vary": "Origin", "connection": "close" } }, "tests": { "content-security-policy": { "expectation": "csp-implemented-with-no-unsafe", "pass": false, "result": "csp-implemented-with-unsafe-inline", "scoreModifier": -20, "data": { "default-src": [ "'self'" ], "object-src": [ "'self'" ], "base-uri": [ "'self'" ], "form-action": [ "'self'" ], "connect-src": [ "'self'", "blob:", "http://*.eea.europa.eu", "https://*.arcgis.com/", "https://*.eea.europa.eu", "https://*.eionet.europa.eu", "https://*.hrvpp.vgt.vito.be", "https://*.land.copernicus.eu", "https://*.vgt.vito.be", "https://api.friendlycaptcha.com/", "https://api.openaire.com", "https://api.openaire.eu", "https://api.zotero.org/", "https://basemaps.arcgis.com/", "https://cdn.arcgis.com/", "https://clms-prod.eea.europa.eu", "https://cloudferro.sentinel-hub.com", "https://geocode.arcgis.com", "https://geoserver.geoville.com/", "https://geoserver.vlcc.geoville.com", "https://geospatial.jrc.ec.europa.eu", "https://gisco-services.ec.europa.eu/", "https://globalland.vito.be", "https://image.discomap.eea.europa.eu", "https://js.arcgis.com/", "https://land.copernicus.eu", "https://raw.githubusercontent.com", "https://s3-eu-west-1.amazonaws.com/", "https://services.arcgis.com", "https://services.arcgisonline.com", "https://sh.dataspace.copernicus.eu/", "https://static.arcgis.com", "https://utility.arcgisonline.com/", "https://www.arcgis.com/" ], "font-src": [ "'self'", "data:", "https://*.eea.europa.eu", "https://*.eionet.europa.eu", "https://*.land.copernicus.eu", "https://cdn.arcgis.com/", "https://cdnjs.cloudflare.com/", "https://fonts.gstatic.com/", "https://js.arcgis.com/", "https://land.copernicus.eu" ], "frame-src": [ "'self'", "http://*.eea.europa.eu", "https://*.eea.europa.eu", "https://*.eionet.europa.eu", "https://*.europa.eu/", "https://*.land.copernicus.eu", "https://eea.maps.arcgis.com/", "https://europa.eu/", "https://land.copernicus.eu", "https://sbsimo.github.io/", "https://www.youtube.com", "https://youtube.com" ], "img-src": [ "blob:", "data:", "http:", "https:" ], "script-src": [ "'self'", "'unsafe-eval'", "'unsafe-inline'", "blob:", "data:", "http://*.eea.europa.eu", "https://*.eea.europa.eu", "https://*.eionet.europa.eu", "https://*.land.copernicus.eu", "https://api.openaire.com", "https://api.openaire.eu", "https://api.zotero.org/", "https://cdnjs.cloudflare.com", "https://code.jquery.com", "https://d3js.org", "https://docs.google.com/", "https://geocode.arcgis.com", "https://js.arcgis.com/", "https://land.copernicus.eu", "https://matomo.eea.europa.eu", "https://public.tableau.com", "https://services.arcgis.com", "https://spreadsheets.google.com/", "https://www.google.com/jsapi", "https://www.google.com/uds/", "https://www.gstatic.com/" ], "frame-ancestors": [ "'self'", "*.discomap.eea.europa.eu", "*.eea.europa.eu", "*.eionet.europa.eu" ], "media-src": [ "https://*.eea.europa.eu" ], "style-src": [ "'self'", "'unsafe-inline'", "https://*.eea.europa.eu", "https://*.eionet.europa.eu", "https://ajax.googleapis.com/", "https://api.openaire.com", "https://api.openaire.eu", "https://api.zotero.org/", "https://cdnjs.cloudflare.com", "https://code.jquery.com", "https://fonts.googleapis.com/css", "https://js.arcgis.com/", "https://www.google.com/uds/", "https://www.gstatic.com/" ], "report-uri": [ "https://sentry.eea.europa.eu/api/28/security/?sentry_key=6afdc4d9e7a148509fa0841b0e58a958" ] }, "http": true, "meta": false, "policy": { "antiClickjacking": true, "defaultNone": false, "insecureBaseUri": false, "insecureFormAction": false, "insecureSchemeActive": true, "insecureSchemePassive": true, "strictDynamic": false, "unsafeEval": true, "unsafeInline": true, "unsafeInlineStyle": true, "unsafeObjects": false }, "numPolicies": 1 }, "cookies": { "expectation": "cookies-secure-with-httponly-sessions", "pass": true, "result": "cookies-not-found", "scoreModifier": 0, "data": null, "sameSite": false }, "cross-origin-resource-sharing": { "expectation": "cross-origin-resource-sharing-not-implemented", "pass": true, "result": "cross-origin-resource-sharing-not-implemented", "scoreModifier": 0, "data": null }, "redirection": { "expectation": "redirection-to-https", "pass": false, "result": "redirection-missing", "scoreModifier": -20, "destination": "http://clmsdemo.devel6cph.eea.europa.eu/", "redirects": false, "route": [ "http://clmsdemo.devel6cph.eea.europa.eu/" ], "statusCode": 503 }, "referrer-policy": { "expectation": "referrer-policy-private", "pass": true, "result": "referrer-policy-private", "scoreModifier": 5, "data": "strict-origin-when-cross-origin", "http": true, "meta": false }, "strict-transport-security": { "expectation": "hsts-implemented-max-age-at-least-six-months", "pass": true, "result": "hsts-implemented-max-age-at-least-six-months", "scoreModifier": 0, "data": "max-age=31536000; includeSubDomains; preload", "includeSubDomains": true, "maxAge": 31536000, "preload": true, "preloaded": false }, "subresource-integrity": { "expectation": "sri-implemented-and-external-scripts-loaded-securely", "pass": true, "result": "sri-not-implemented-but-all-scripts-loaded-from-secure-origin", "scoreModifier": 0, "data": {} }, "x-content-type-options": { "expectation": "x-content-type-options-nosniff", "pass": true, "result": "x-content-type-options-nosniff", "scoreModifier": 0, "data": "nosniff" }, "x-frame-options": { "expectation": "x-frame-options-sameorigin-or-deny", "pass": true, "result": "x-frame-options-implemented-via-csp", "scoreModifier": 5, "data": "SAMEORIGIN" }, "cross-origin-resource-policy": { "expectation": "corp-implemented-with-same-site", "pass": true, "result": "corp-not-implemented", "scoreModifier": 0, "data": null, "http": false, "meta": false } } }