Skip to main content
O
osgood_
Legend
April 19, 2018
Question

OT: Am I just having a very bad week or is this profession practically becoming impossible to work within?

  • April 19, 2018
  • 3 replies
  • 1046 views

Ive just had a client test their website on this bit of kit:

https://securityheaders.io/

and they are not happy at the missing headers.

I run a test on 50 other sites, some within their specific discipline and 45 out of 50 all exhibit the exact same missing header information

The only websites where some of the  suggestions are implemented are big banks and google adheres to a couple.

WTF is going on these days?

Os

    This topic has been closed for replies.

    3 replies

    Nancy OShea
    Community Expert
    Nancy OSheaCommunity Expert
    Community Expert
    April 29, 2018

    Yes,  the web is getting ridiculous as are the clients we must work with.

    Thanks to Peru Bob for posting this amusing little video entitled The Expert.

    The Expert (Short Comedy Sketch) - YouTube

    Nancy O'Shea— Product User & Community Expert
      O
      osgood_Author
      Legend
      April 29, 2018

      https://forums.adobe.com/people/Nancy+OShea  wrote

      Yes,  the web is getting ridiculous as are the clients we must work with.

      Thanks to Peru Bob for posting this amusing little video entitled The Expert.

      The Expert (Short Comedy Sketch) - YouTube

      Brilliant! A lot like the meeting I was in a couple of weeks ago. I nearly announced my retirement right there and then, believe me!

        pziecina
        pziecina
        Legend
        April 19, 2018

        Just though you would like to know -

        adobe.com gets a 'D'.

        w3.org gets a 'F'.

        amazon, (both uk and us) gets a 'D'.

        and all the other major sites I checked, none get higher than a 'D'.

        O
        osgood_Author
        Legend
        April 19, 2018

        pziecina  wrote

        Just though you would like to know -

        adobe.com gets a 'D'.

        w3.org gets a 'F'.

        amazon, (both uk and us) gets a 'D'.

        and all the other major sites I checked, none get higher than a 'D'.

        Exactly, I too checked adobe and some others. How big a security issue can it be if the biggest players on the planet fail the test mostly or completley.

        And those that pass with flying colors its probably not by design either its just probably the default settings on the server they are housed on.

        Rant over!

        pziecina
        pziecina
        Legend
        April 19, 2018

        Another item you could point out is that the x-frame meta tag used to 'break out of frames', is invalid code.

        Reading the items the site flags as a problem, it is probably more to do with the sites owner/company trying to justify what they do. After all if they said everything was not essential they would get no clients.

        Most of what they flag as a problem, would only be a problem if it was on the back-end of a secure section of a site. But as they cannot check that, they have opted for the everything is a problem approach.

        O
        osgood_Author
        Legend
        April 19, 2018

        LOL whats even more of a joke the company that sponsors that bit of kit Sophos fails 2 of the tests!

        Ok Im going back into the garden to soak up the sunshine I cant be dealing with ths crap anymore.

        Os

        pziecina
        pziecina
        Legend
        April 19, 2018

        First of all Os, 'cheers' enjoy the beer, (it's the only answer I have found that works ).

        The entire set-up of web development has now reached 'joke' proportions for the small development team, or developer working alone.

        O
        osgood_Author
        Legend
        April 19, 2018

        pziecina  wrote

        First of all Os, 'cheers' enjoy the beer, (it's the only answer I have found that works ).

        The entire set-up of web development has now reached 'joke' proportions for the small development team, or developer working alone.

        Problem is clients now think you are an expert in everything, not just producing webpages, which in itself is an expert discipline, done corrcetly. This stuff is server set up related, nothing that I know anything about. I just told them to employ a server expert to produce a report and configure their server stuff at a cost of probably many hundreds of pounds, not heard anything since.....as soon as they think something is going to cost something they gernerally go away, in my experience.

        Im just a bit fed up with dealing with dumb people. If they had taken the trouble and effort to test as many sites as I did they probably would have got the message, more fail than pass.

        Terms & ConditionsAccessibility statement
        Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices