New version of Webbkoll launched, thanks to a small grant from Digital Rights Fund. Changes/additions:
- Redesigned a bit to hopefully make things a bit more clear and navigable. Better separation between results and general information/advice. Separate boxes for "what is this" and "how do you do this". Hide some things between expandable text boxes. Now works better on mobile.
- Added Content Security Policy (CSP) analysis, Subresource Integrity (SRI) analysis, and improved X-Content-Type-Options/X-Frame-Options/X-XSS-Protection/HSTS checks. This code was ported from Mozilla's Observatory.
- More cooke information shown (HttpOnly, Secure, SameSite)
- localStorage usage shown
- IP address and country (with flags!) shown for every third-party host
- Chromium's security state information shown
- Information/technical advice rewritten (sometimes quoted from MDN)
- Many references to relevant articles and recitals in the GDPR added
- Lots of work to make things a bit cleaner internally
- You can now help translate Webbkoll! We hope to add a few more languages, such as French and German, soon.