See:
https://webhint.io/scanner/f83c34a7-3368-41fe-86dc-8b80ae0fa042#category-securityEspecially as it is presented as security-related recommendations.
Retirable jQuery libraries detected:
Retire.js
jquery 3.3.1 Found in -https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js<br>Vulnerability info:
Low CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution 123
Medium Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
DOM-XSS Results from scanning URL: -http://angularjs.org
Number of sources found: 1
Number of sinks found: 63
Results from scanning URL: -https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Number of sources found: 34
Number of sinks found: 15
Results from scanning URL: -https://ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular-animate.min.js
Number of sources found: 1
Number of sinks found: 1
Results from scanning URL: -http://angularjs.org/js/download-data.js
Number of sources found: 2
Number of sinks found: 0
Results from scanning URL: -http://angularjs.org/js/download-data.js
Number of sources found: 8
Number of sinks found: 11
Results from scanning URL: -https://cdn.firebase.com/libs/angularfire/0.9.0/angularfire.min.js
Number of sources found: 1
Number of sinks found: 5
Results from scanning URL: -https://cdn.firebase.com/libs/angularfire/0.9.0/angularfire.min.js
Number of sources found: 1
Number of sinks found: 5
Results from scanning URL: -https://platform.twitter.com/widgets.js (important see webcookie report)
Number of sources found: 72
Number of sinks found: 14
Results from scanning URL: -https://ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular.min.js
Number of sources found: 114
Number of sinks found: 29
B-grade scan results:
https://webcookies.org/cookies/angularjs.org/30507819?323242Quick Source JS -> Javascript 23 (external 15, inline
-ssl.google-analytics.com/ga.js
INLINE: (function() { let alreadyInsertedMetaTag = false function __insertDappDete
1,238 bytes
-ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
86,927 bytes Expires: Sun, 16 May 2021 22:32:14 GMT
-ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular.min.js
-ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular-animate.min.js
INLINE: angular.module('todoApp', []) .controller('TodoListController', f
928 bytes
INLINE: angular.module('components', []) .directive('tabs', function() {
1,631 bytes
INLINE: angular.module('app-us', ['app', 'ngLocal.us']); angular.module('ap
115 bytes
INLINE: angular.module('app', ['components']) .controller('BeerCounter', f
518 bytes
-angularjs.org/google-code-prettify/prettify.min.js
-angularjs.org/js/homepage.js
-angularjs.org/js/download-data.js
-cdnjs.cloudflare.com/ajax/libs/angular-ui-bootstrap/1.1.2/ui-bootstrap-tpls.min.js
-ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular-resource.min.js
-ajax.googleapis.com/ajax/libs/angularjs/1.7.9/angular-route.min.js
-cdn.firebase.com/js/client/2.0.4/firebase.js
-cdn.firebase.com/libs/angularfire/0.9.0/angularfire.min.js
-code.angularjs.org/1.7.9/i18n/angular-locale_sk.js
INLINE: angular.module('ngLocal.sk', [])._configBlocks.push(angular.module('ngLocal
105 bytes
code.angularjs.org/1.7.9/i18n/angular-locale_en-us.js
INLINE: angular.module('ngLocal.us', [])._configBlocks.push(angular.module('ngLocal
177 bytes
-platform.twitter.com/widgets.js
INLINE: var _gaq=[ ['_setAccount','UA-8594346-3'], ['_setDomainName', '
491 bytes
Blacklisted subresources: -https://platform.twitter.com/widgets.js
-https://ssl.google-analytics.com/ga.js
-https://syndication.twitter.com/settings
polonus