Merge branch 'main' of https://github.com/Taofeeqib/angular-xss

Author: Taofeeqib

docs/reports/README.md

@@ -28,3 +28,15 @@ Generated on Sun Sep  7 16:43:57 UTC 2025
   - [trufflehog-results.json](./trufflehog-results.json)
   - [zap-baseline-report.json](./zap-baseline-report.json)
   - [zap-baseline-report.xml](./zap-baseline-report.xml)
+- **zap-reports**
+  - [README.md](./README.md)
+  - [angular-xss-sbom.json](./angular-xss-sbom.json)
+  - [codeql-results.sarif](./codeql-results.sarif)
+  - [dependency-check-report.sarif](./dependency-check-report.sarif)
+  - [proper-zap-format.xml](./proper-zap-format.xml)
+  - [report_html.html](./report_html.html)
+  - [report_json.json](./report_json.json)
+  - [report_md.md](./report_md.md)
+  - [trufflehog-results.json](./trufflehog-results.json)
+  - [zap-baseline-report.json](./zap-baseline-report.json)
+  - [zap-baseline-report.xml](./zap-baseline-report.xml)

docs/reports/angular-xss-api-sbom.json

@@ -0,0 +1,36 @@
+{
+  "bomFormat": "CycloneDX",
+  "specVersion": "1.3",
+  "serialNumber": "urn:uuid:6a572d60-13f1-47f7-83b4-fa39b1896aaa",
+  "version": 1,
+  "metadata": {
+    "timestamp": "2025-09-07T17:22:49.558Z",
+    "tools": [
+      {
+        "vendor": "CycloneDX",
+        "name": "Node.js module",
+        "version": "3.10.6"
+      }
+    ],
+    "component": {
+      "type": "library",
+      "bom-ref": "pkg:npm/api@1.0.0",
+      "name": "api",
+      "version": "1.0.0",
+      "licenses": [
+        {
+          "license": {
+            "id": "ISC"
+          }
+        }
+      ],
+      "purl": "pkg:npm/api@1.0.0"
+    }
+  },
+  "components": [],
+  "dependencies": [
+    {
+      "ref": "pkg:npm/api@1.0.0"
+    }
+  ]
+}

docs/reports/angular-xss-frontend-sbom.json

@@ -0,0 +1,29 @@
+{
+  "bomFormat": "CycloneDX",
+  "specVersion": "1.3",
+  "serialNumber": "urn:uuid:b9f12964-305f-4277-b404-5f4cfaf1a22c",
+  "version": 1,
+  "metadata": {
+    "timestamp": "2025-09-07T17:22:49.967Z",
+    "tools": [
+      {
+        "vendor": "CycloneDX",
+        "name": "Node.js module",
+        "version": "3.10.6"
+      }
+    ],
+    "component": {
+      "type": "library",
+      "bom-ref": "pkg:npm/frontend@0.0.0",
+      "name": "frontend",
+      "version": "0.0.0",
+      "purl": "pkg:npm/frontend@0.0.0"
+    }
+  },
+  "components": [],
+  "dependencies": [
+    {
+      "ref": "pkg:npm/frontend@0.0.0"
+    }
+  ]
+}

docs/reports/report_html.html

@@ -208,11 +208,11 @@ <h1>
 	<h2>
 
 
-		Sites: https://tracking-protection.cdn.mozilla.net http://localhost:4200
+		Sites: https://tracking-protection.cdn.mozilla.net https://shavar.services.mozilla.com http://localhost:4200
 	</h2>
 
 	<h3>
-		Generated on Sun, 7 Sept 2025 16:43:36
+		Generated on Sun, 7 Sept 2025 17:25:58
 	</h3>
 
 	<h3>
@@ -363,22 +363,22 @@ <h3>Alerts</h3>
 			<tr>
 				<td><a href="#90005">Sec-Fetch-Dest Header is Missing</a></td>
 				<td align="center" class="risk-0">Informational</td>
-				<td align="center">2</td>
+				<td align="center">3</td>
 			</tr>
 			<tr>
 				<td><a href="#90005">Sec-Fetch-Mode Header is Missing</a></td>
 				<td align="center" class="risk-0">Informational</td>
-				<td align="center">2</td>
+				<td align="center">3</td>
 			</tr>
 			<tr>
 				<td><a href="#90005">Sec-Fetch-Site Header is Missing</a></td>
 				<td align="center" class="risk-0">Informational</td>
-				<td align="center">2</td>
+				<td align="center">3</td>
 			</tr>
 			<tr>
 				<td><a href="#90005">Sec-Fetch-User Header is Missing</a></td>
 				<td align="center" class="risk-0">Informational</td>
-				<td align="center">2</td>
+				<td align="center">3</td>
 			</tr>
 			<tr>
 				<td><a href="#10049">Storable and Cacheable Content</a></td>
@@ -3113,6 +3113,37 @@ <h3>Alert Detail</h3>
 						<td width="80%"></td>
 					</tr>
 
+					<tr>
+						<td width="20%"
+							class="indent1">URL</td>
+						<td width="80%"><a href="http://localhost:4200/robots.txt">http://localhost:4200/robots.txt</a></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Method</td>
+						<td width="80%">GET</td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Parameter</td>
+						<td width="80%">Sec-Fetch-Dest</td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Attack</td>
+						<td width="80%"></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Evidence</td>
+						<td width="80%"></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Other Info</td>
+						<td width="80%"></td>
+					</tr>
+				
 					<tr>
 						<td width="20%"
 							class="indent1">URL</td>
@@ -3146,7 +3177,7 @@ <h3>Alert Detail</h3>
 
 				<tr>
 					<td width="20%">Instances</td>
-					<td width="80%">2</td>
+					<td width="80%">3</td>
 				</tr>
 				<tr>
 					<td width="20%">Solution</td>
@@ -3228,6 +3259,37 @@ <h3>Alert Detail</h3>
 						<td width="80%"></td>
 					</tr>
 
+					<tr>
+						<td width="20%"
+							class="indent1">URL</td>
+						<td width="80%"><a href="http://localhost:4200/robots.txt">http://localhost:4200/robots.txt</a></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Method</td>
+						<td width="80%">GET</td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Parameter</td>
+						<td width="80%">Sec-Fetch-Mode</td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Attack</td>
+						<td width="80%"></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Evidence</td>
+						<td width="80%"></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Other Info</td>
+						<td width="80%"></td>
+					</tr>
+				
 					<tr>
 						<td width="20%"
 							class="indent1">URL</td>
@@ -3261,7 +3323,7 @@ <h3>Alert Detail</h3>
 
 				<tr>
 					<td width="20%">Instances</td>
-					<td width="80%">2</td>
+					<td width="80%">3</td>
 				</tr>
 				<tr>
 					<td width="20%">Solution</td>
@@ -3343,6 +3405,37 @@ <h3>Alert Detail</h3>
 						<td width="80%"></td>
 					</tr>
 
+					<tr>
+						<td width="20%"
+							class="indent1">URL</td>
+						<td width="80%"><a href="http://localhost:4200/robots.txt">http://localhost:4200/robots.txt</a></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Method</td>
+						<td width="80%">GET</td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Parameter</td>
+						<td width="80%">Sec-Fetch-Site</td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Attack</td>
+						<td width="80%"></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Evidence</td>
+						<td width="80%"></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Other Info</td>
+						<td width="80%"></td>
+					</tr>
+				
 					<tr>
 						<td width="20%"
 							class="indent1">URL</td>
@@ -3376,7 +3469,7 @@ <h3>Alert Detail</h3>
 
 				<tr>
 					<td width="20%">Instances</td>
-					<td width="80%">2</td>
+					<td width="80%">3</td>
 				</tr>
 				<tr>
 					<td width="20%">Solution</td>
@@ -3458,6 +3551,37 @@ <h3>Alert Detail</h3>
 						<td width="80%"></td>
 					</tr>
 
+					<tr>
+						<td width="20%"
+							class="indent1">URL</td>
+						<td width="80%"><a href="http://localhost:4200/robots.txt">http://localhost:4200/robots.txt</a></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Method</td>
+						<td width="80%">GET</td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Parameter</td>
+						<td width="80%">Sec-Fetch-User</td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Attack</td>
+						<td width="80%"></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Evidence</td>
+						<td width="80%"></td>
+					</tr>
+					<tr>
+						<td width="20%"
+							class="indent2">Other Info</td>
+						<td width="80%"></td>
+					</tr>
+				
 					<tr>
 						<td width="20%"
 							class="indent1">URL</td>
@@ -3491,7 +3615,7 @@ <h3>Alert Detail</h3>
 
 				<tr>
 					<td width="20%">Instances</td>
-					<td width="80%">2</td>
+					<td width="80%">3</td>
 				</tr>
 				<tr>
 					<td width="20%">Solution</td>