Secure Progressive Web Application - demo

Google Light House test

A+ rankings

• Mozilla Observatory
• Security Headers . io
• SSL Labs

HSTS compliant

• HTTP Strict Transport Security compliance check

CSP compliant

• Work together with your business unit to remove all red items

Notes

• The Google Light House tests scores 89% in this demo, because we disabled indexing. In production it will be 100%.
• When running on a CloudFront.net domain, instead of an Aegon domain
  • SSLLabs and Chrome console will warn you "distrusted by Google and Mozilla from September 2018". When running on an Aegon domain, you will have 4 valid certificates. From the 1rst of April 2018, this message will also be fixed for CloudFront.net domains.
  • DNS CAA is not in place. When you run on an Aegon domain, you will have this in place.
  • TLS 1.0 is still supported. When you run on an Aegon domain by default we only support TLS 1.2, but can add support for 7 year old browsers and 6 year old Android (TLS 1.0) if needed.