{
  "scan": {
    "algorithmVersion": 4,
    "grade": "C+",
    "error": null,
    "score": 60,
    "statusCode": 200,
    "testsFailed": 2,
    "testsPassed": 8,
    "testsQuantity": 10,
    "responseHeaders": {
      "date": "Sun, 09 Nov 2025 08:44:38 GMT",
      "content-type": "text/html; charset=utf-8",
      "transfer-encoding": "chunked",
      "connection": "close",
      "content-security-policy": "style-src 'self' 'unsafe-inline';    font-src 'self';    object-src 'none';    base-uri 'self';    form-action 'self';",
      "strict-transport-security": "max-age=31536000; includeSubDomains",
      "referrer-policy": "strict-origin-when-cross-origin",
      "x-content-type-options": "nosniff",
      "permissions-policy": "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()",
      "vary": "RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding",
      "link": "</_next/static/media/313510e2713fb214-s.p.woff2>; rel=preload; as=\"font\"; crossorigin=\"\"; type=\"font/woff2\", </_next/static/media/e4af272ccee01ff0-s.p.woff2>; rel=preload; as=\"font\"; crossorigin=\"\"; type=\"font/woff2\", </_next/static/css/081a0afca5a9bd20.css>; rel=preload; as=\"style\", </_next/static/css/aeca89a603521737.css>; rel=preload; as=\"style\", </_next/static/css/f33e4fcf4e5cf508.css>; rel=preload; as=\"style\"",
      "x-powered-by": "Next.js",
      "cache-control": "private, no-cache, no-store, max-age=0, must-revalidate"
    }
  },
  "tests": {
    "content-security-policy": {
      "expectation": "csp-implemented-with-no-unsafe",
      "pass": false,
      "result": "csp-implemented-with-unsafe-inline",
      "scoreModifier": -20,
      "data": {
        "style-src": [
          "'self'",
          "'unsafe-inline'"
        ],
        "font-src": [
          "'self'"
        ],
        "object-src": [
          "'none'"
        ],
        "base-uri": [
          "'self'"
        ],
        "form-action": [
          "'self'"
        ]
      },
      "http": true,
      "meta": false,
      "policy": {
        "antiClickjacking": false,
        "defaultNone": false,
        "insecureBaseUri": false,
        "insecureFormAction": false,
        "insecureSchemeActive": false,
        "insecureSchemePassive": false,
        "strictDynamic": false,
        "unsafeEval": false,
        "unsafeInline": true,
        "unsafeInlineStyle": true,
        "unsafeObjects": false
      },
      "numPolicies": 1
    },
    "cookies": {
      "expectation": "cookies-secure-with-httponly-sessions",
      "pass": true,
      "result": "cookies-not-found",
      "scoreModifier": 0,
      "data": null,
      "sameSite": false
    },
    "cross-origin-resource-sharing": {
      "expectation": "cross-origin-resource-sharing-not-implemented",
      "pass": true,
      "result": "cross-origin-resource-sharing-not-implemented",
      "scoreModifier": 0,
      "data": null
    },
    "redirection": {
      "expectation": "redirection-to-https",
      "pass": true,
      "result": "redirection-to-https",
      "scoreModifier": 0,
      "destination": "https://gptlab.eea.europa.eu/auth/login?next=%2Fchat",
      "redirects": true,
      "route": [
        "http://gptlab.eea.europa.eu/",
        "https://gptlab.eea.europa.eu/",
        "https://gptlab.eea.europa.eu/chat",
        "https://gptlab.eea.europa.eu/auth/login?next=%2Fchat"
      ],
      "statusCode": 200
    },
    "referrer-policy": {
      "expectation": "referrer-policy-private",
      "pass": true,
      "result": "referrer-policy-private",
      "scoreModifier": 5,
      "data": "strict-origin-when-cross-origin",
      "http": true,
      "meta": false
    },
    "strict-transport-security": {
      "expectation": "hsts-implemented-max-age-at-least-six-months",
      "pass": true,
      "result": "hsts-implemented-max-age-at-least-six-months",
      "scoreModifier": 0,
      "data": "max-age=31536000; includeSubDomains",
      "includeSubDomains": true,
      "maxAge": 31536000,
      "preload": false,
      "preloaded": false
    },
    "subresource-integrity": {
      "expectation": "sri-implemented-and-external-scripts-loaded-securely",
      "pass": true,
      "result": "sri-not-implemented-but-all-scripts-loaded-from-secure-origin",
      "scoreModifier": 0,
      "data": {}
    },
    "x-content-type-options": {
      "expectation": "x-content-type-options-nosniff",
      "pass": true,
      "result": "x-content-type-options-nosniff",
      "scoreModifier": 0,
      "data": "nosniff"
    },
    "x-frame-options": {
      "expectation": "x-frame-options-sameorigin-or-deny",
      "pass": false,
      "result": "x-frame-options-not-implemented",
      "scoreModifier": -20,
      "data": null
    },
    "cross-origin-resource-policy": {
      "expectation": "corp-implemented-with-same-site",
      "pass": true,
      "result": "corp-not-implemented",
      "scoreModifier": 0,
      "data": null,
      "http": false,
      "meta": false
    }
  }
}