WebFaction
Community site: login faq

I recently learned about Mozilla Observatory and am trying to do a few simple things to improve my site's grade. Most of my pages are PHP scripts, so I used the header() function to set new HTTP headers for them. (I had hoped to use .htaccess directives, but research on this forum and elsewhere suggests that mod_headers doesn't get along with PHP/CGI scripts.)

When I inspect my site's headers from my own computer (using curl, for example), I see what I'm expecting to:

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 09 Jul 2017 16:53:48 GMT
Content-Type: text/html
Connection: keep-alive
Vary: Accept-Encoding
Content-Security-Policy: frame-ancestors 'self'
X-Content-Security-Policy: frame-ancestors 'self'
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

The last four lines are the ones I added.

However, Observatory seems not to see these new headers. My score hasn't changed, and here's what it has under "Raw Server Headers":

Connection  keep-alive
Content-Length  3282
Content-Type    text/html
Date    Sun, 09 Jul 2017 15:28:14 GMT
ETag    "591b2017-cd2"
Server  nginx

I don't think this is a caching issue, because I've waited several days between scans and I've been careful to mark the "Force a rescan instead of returning cached results" checkbox. I've also double-checked that I'm not mistyping my site's URL.

I don't understand how or why Observatory could be seeing different HTTP headers than I am. Any ideas?

asked 09 Jul, 17:10

Triskaideka's gravatar image

Triskaideka
1314
accept rate: 0%

Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×26
×10

question asked: 09 Jul, 17:10

question was seen: 405 times

last updated: 09 Jul, 17:10

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2017 PARAGON INTERNET GROUP LIMITED
WEBFACTION IS A SERVICE OF PARAGON INTERNET GROUP LIMITED
REGISTERED IN ENGLAND AND WALES 7573953 - VAT REGISTRATION NUMBER 182147021
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM