https://developer.mozilla.org/en-US/observatory/analyze?host=handbook.gitlab.com As of 2024-09-04 | Test | Pass? | Score | Notes | | ------ | ------ | ------ | ------ | | Content Security Policy | X | -25 | | | Cookies | - | - | Cookie banner means users have to accept | | Cross-origin Resource Sharing | ✓ | 0 | | | Redirection | ✓ | 0 | | | Referrer Policy | - | - | | | HTTP Strict Transport Security | x | -20 | | | Subresource Integrity | ✓ | 0 | | | X-Content-Type-Options | x | -5 | | | X-Frame-Options | x | -20 | | | Cross Origin Resource Policy | - | - | | Unfortunately, anything involving headers is blocked by the lack of a feature to allow customized headers on the specific `Pages` site.