I find it interesting (and a bit disappointing) that while github.com gets an A, a static page I host on github pages received an F. Would be great if Github would help pages hosted there be more secure by default.
Which of the security tests performed by this tool do you feel have a significant impact on a static page?
Some of these things, such as subresource integrity, will be down to you and what you do with the code. Many of these tests have very little baring on how 'secure' a static page is.
Some of these things, such as subresource integrity, will be down to you and what you do with the code. Many of these tests have very little baring on how 'secure' a static page is.