Scan your site now

Security Report Summary
E
Site:
Scanned Site(s):
1
IP Address:
151.101.64.217
Report Time:
22 Nov 2019 13:03:23 UTC
Checks:
Window Referrer
Window Opener
Comments
Enabled Debugging
Unsafe Functions
Warning:
Please have a look at the security issues / warnings in the report.
Security Issues
Window Referrer
  • window.open(url,self.options.popup_id,windowPropertiesConcat);[https://f.vimeocdn.com/js_opt/clip_combined.min.js?63f4d4d8]
Warnings
Comments
Comments should be removed from the public code of a web application, since it can give an aggressor critical insights into the inner structure of the program. By using this information, the attacker could easier understand how the user session is handled by javascript or figure out the pathway data is sent to the server.
  • /* AB TEST - Enterprise Link on Topnav (JS.Topnav.EnterpriseLink | show_enterprise) */[https://vimeo.com/166913294]
  • /** * Because single page applications such as the app shell will be tracking * Fatal Attraction page views on React lifecycle hooks (componentDidMount) * we want to avoid dispatching the pageview event from the PHP template * and defer this sort of tracking logic to the front end. * * This check allows us to declare in a controller whether or not we * want to dispatch that preliminary pageview. * * The property is additive only, as to not affect existing pageviews. */[https://vimeo.com/166913294]
  • /** * Add server side ABLincoln experiments to GTM data layer. */[https://vimeo.com/166913294]
  • /*|*/[https://f.vimeocdn.com/js_opt/react_prod_combined.min.js?f57646b3]
  • /*|*/[https://f.vimeocdn.com/js_opt/react_prod_combined.min.js?f57646b3]
  • /*|*/[https://f.vimeocdn.com/js_opt/react_prod_combined.min.js?f57646b3]
  • /*|*/[https://f.vimeocdn.com/js_opt/react_prod_combined.min.js?f57646b3]
  • /*|*/[https://f.vimeocdn.com/js_opt/react_prod_combined.min.js?f57646b3]
  • /*|*/[https://f.vimeocdn.com/js_opt/react_prod_combined.min.js?f57646b3]
  • /* sc-component-id: "+e+" */[https://f.vimeocdn.com/js_opt/react_prod_combined.min.js?f57646b3]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /** * @license * Lodash <https://lodash.com/> * Copyright JS Foundation and other contributors <https://js.foundation/> * Released under MIT license <https://lodash.com/license> * Based on Underscore.js 1.8.3 <http://underscorejs.org/LICENSE> * Copyright Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /* [wrapped with "+t+"] */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! Copyright (c) 2016 Jed Watson. Licensed under the MIT License (MIT), see http://jedwatson.github.io/classnames*/[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! Copyright (c) 2016 Jed Watson. Licensed under the MIT License (MIT), see http://jedwatson.github.io/classnames*/[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /* "+this._i+" */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /* "+this._i+" */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! Copyright (c) 2017 Jed Watson. Licensed under the MIT License (MIT), see http://jedwatson.github.io/classnames*/[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! Copyright (c) 2017 Jed Watson. Licensed under the MIT License (MIT), see http://jedwatson.github.io/classnames*/[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*\.info(\/|$)/,"/")),p(e)},m=t.isValidPriority=function(e){return null===e||"string"==typeof e||"number"==typeof e&&!(0,a.isInvalidJSONNumber)(e)||e&&"object"===(void 0===e?"undefined":r(e))&&(0,o.contains)(e,".sv")},v=(t.validateFirebaseDataArg=function(e,t,n,r,i){i&&void 0===n||v((0,s.errorPrefix)(e,t,i),n,r)},t.validateFirebaseData=function e(t,n,s){var u=s instanceof i.Path?new i.ValidationPath(s,t):s;if(void 0===n)throw new Error(t+"contains undefined "+u.toErrorString());if("function"==typeof n)throw new Error(t+"contains a function "+u.toErrorString()+" with contents = "+n.toString());if((0,a.isInvalidJSONNumber)(n))throw new Error(t+"contains "+n.toString()+" "+u.toErrorString());if("string"==typeof n&&n.length>f/3&&(0,c.stringLength)(n)>f)throw new Error(t+"contains a string greater than "+f+" utf8 bytes "+u.toErrorString()+" ('"+n.substring(0,50)+"...')");if(n&&"object"===(void 0===n?"undefined":r(n))){var l=!1,p=!1;if((0,o.forEach)(n,function(n,r){if(".value"===n)l=!0;else if(".priority"!==n&&".sv"!==n&&(p=!0,!d(n)))throw new Error(t+" contains an invalid key ("+n+") "+u.toErrorString()+'. Keys must be non-empty strings and can\'t contain ".", "#", "$", "/", "[", or "]"');u.push(n),e(t,r,u),u.pop()}),l&&p)throw new Error(t+' contains ".value" child '+u.toErrorString()+" in addition to actual children.")}}),g=t.validateFirebaseMergePaths=function(e,t){var n,r;for(n=0;n<t.length;n++)for(var o=(r=t[n]).slice(),a=0;a<o.length;a++)if(".priority"===o[a]&&a===o.length-1);else if(!d(o[a]))throw new Error(e+"contains an invalid key ("+o[a]+") in path "+r.toString()+'. Keys must be non-empty strings and can\'t contain ".", "#", "$", "/", "[", or "]"');t.sort(i.Path.comparePaths);var s=null;for(n=0;n<t.length;n++){if(r=t[n],null!==s&&s.contains(r))throw new Error(e+"contains a path "+s.toString()+" that is ancestor of another path "+r.toString());s=r}},y=(t.validateFirebaseMergeDataArg=function(e,t,n,a,c){if(!c||void 0!==n){var u=(0,s.errorPrefix)(e,t,c);if(!n||"object"!==(void 0===n?"undefined":r(n))||Array.isArray(n))throw new Error(u+" must be an object containing the children to replace.");var l=[];(0,o.forEach)(n,function(e,t){var n=new i.Path(e);if(v(u,t,a.child(n)),".priority"===n.getBack()&&!m(t))throw new Error(u+"contains an invalid value for '"+n.toString()+"', which must be a valid Firebase priority (a string, finite number, server value, or null).");l.push(n)}),g(u,l)}},t.validatePriority=function(e,t,n,r){if(!r||void 0!==n){if((0,a.isInvalidJSONNumber)(n))throw new Error((0,s.errorPrefix)(e,t,r)+"is "+n.toString()+", but must be a valid Firebase priority (a string, finite number, server value, or null).");if(!m(n))throw new Error((0,s.errorPrefix)(e,t,r)+"must be a valid Firebase priority (a string, finite number, server value, or null).")}},t.validateEventType=function(e,t,n,r){if(!r||void 0!==n)switch(n){case"value":case"child_added":case"child_removed":case"child_changed":case"child_moved":break;default:throw new Error((0,s.errorPrefix)(e,t,r)+'must be a valid event type = "value", "child_added", "child_removed", "child_changed", or "child_moved".')}},t.validateKey=function(e,t,n,r){if(!(r&&void 0===n||d(n)))throw new Error((0,s.errorPrefix)(e,t,r)+'was an invalid key = "'+n+'". Firebase keys must be non-empty strings and can\'t contain ".", "#", "$", "/", "[", or "]").')},t.validatePathString=function(e,t,n,r){if(!(r&&void 0===n||p(n)))throw new Error((0,s.errorPrefix)(e,t,r)+'was an invalid path = "'+n+'". Paths must be non-empty strings and can\'t contain ".", "#", "$", "[", or "]"')});t.validateRootPathString=function(e,t,n,r){n&&(n=n.replace(/^\/*\.info(\/|$)/,"/")),y(e,t,n,r)},t.validateWritablePath=function(e,t){if(".info"===t.getFront())throw new Error(e+" failed = Can't modify data under /.info/")},t.validateUrl=function(e,t,n){var r=n.path.toString();if("string"!=typeof n.repoInfo.host||0===n.repoInfo.host.length||!d(n.repoInfo.namespace)||0!==r.length&&!h(r))throw new Error((0,s.errorPrefix)(e,t,!1)+'must be a valid firebase URL and the path can\'t contain ".", "#", "$", "[", or "]".')},t.validateCredential=function(e,t,n,r){if((!r||void 0!==n)&&"string"!=typeof n)throw new Error((0,s.errorPrefix)(e,t,r)+"must be a valid credential (a string).")},t.validateBoolean=function(e,t,n,r){if((!r||void 0!==n)&&"boolean"!=typeof n)throw new Error((0,s.errorPrefix)(e,t,r)+"must be a boolean.")},t.validateString=function(e,t,n,r){if((!r||void 0!==n)&&"string"!=typeof n)throw new Error((0,s.errorPrefix)(e,t,r)+"must be a valid string.")},t.validateObject=function(e,t,n,i){if(!(i&&void 0===n||n&&"object"===(void 0===n?"undefined":r(n))&&null!==n))throw new Error((0,s.errorPrefix)(e,t,i)+"must be a valid object.")},t.validateObjectContainsKey=function(e,t,n,i,a,c){if(!(n&&"object"===(void 0===n?"undefined":r(n))&&(0,o.contains)(n,i))){if(a)return;throw new Error((0,s.errorPrefix)(e,t,a)+'must contain the key "'+i+'"')}if(c){var u=(0,o.safeGet)(n,i);if("number"===c&&"number"!=typeof u||"string"===c&&"string"!=typeof u||"boolean"===c&&"boolean"!=typeof u||"function"===c&&"function"!=typeof u||"object"===c&&"object"!==(void 0===u?"undefined":r(u))&&u)throw a?new Error((0,s.errorPrefix)(e,t,a)+'contains invalid value for key "'+i+'" (must be of type "'+c+'")'):new Error((0,s.errorPrefix)(e,t,a)+'must contain the key "'+i+'" with type "'+c+'"')}}},function(e,t,n){"use strict";/*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! tether 1.4.4 */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /* height 80 and width 138 as per design, doing it this way so that the clips maintains \n * width to height ratio in case parent element is of different dimensions\n */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! @license Firebase v4.2.0Build: rev-d6b2db4Terms: https://firebase.google.com/terms/ */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! Native Promise Only v0.8.1 (c) Kyle Simpson MIT License: http://getify.mit-license.org*/[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! Native Promise Only v0.8.1 (c) Kyle Simpson MIT License: http://getify.mit-license.org*/[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! * JavaScript Cookie v2.2.0 * https://github.com/js-cookie/js-cookie * * Copyright 2006, 2015 Klaus Hartl & Fagner Brack * Released under the MIT license */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*object-assign(c) Sindre Sorhus@license MIT*/[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /* for giving required height to display the thumbnail */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /* [wrapped with "+t+"] */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /**! * @fileOverview Kickass library to create and place poppers near their reference elements. * @version 1.14.3 * @license * Copyright (c) 2016 Federico Zivolo and contributors * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in all * copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. */[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! Copyright (c) 2017 Jed Watson. Licensed under the MIT License (MIT), see http://jedwatson.github.io/classnames*/[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
  • /*! Copyright (c) 2017 Jed Watson. Licensed under the MIT License (MIT), see http://jedwatson.github.io/classnames*/[https://f.vimeocdn.com/js_opt/_bundles/clip.bundle.min.js?14a96de1]
Enabled Debugging
The JavaScript debugging functions should always removed after development stage, because they could expose informations on the inner workings of the code. In production, it is a loophole and could show a possible attacker where to find possibly exploitable vulnerabilities or interesting variables.
  • console.log('ABLincoln.setDebug: Debug mode set to "'+debug_mode+'"');[https://f.vimeocdn.com/js_opt/ablincoln_combined.min.js?388cfb8d]
  • console.log(msg)}};if(window.ablincoln_config&&window.ablincoln_config.tests){window.ABLincoln=new ABLincoln(window.ablincoln_config.tests,window.ablincoln_config.user,window.ablincoln_config.disabled)}})(window,document);[https://f.vimeocdn.com/js_opt/ablincoln_combined.min.js?388cfb8d]
  • console.log(xhr)};vimeo.ui.forager.Main.prototype.deselectAll=function(){this.collection.deselectAll()};vimeo.ui.forager.Main.prototype.filterSelected=function(){var self=this,at_least_one=false;self.current_filter=FILTER_SELECTED;self.setSelectedFilter();[https://f.vimeocdn.com/js_opt/clip_beta_libs_async_combined.min.js?a9e24961]
Unsafe Functions
eval() is eval! This functions and similar ones (document.write(), document.writeln(), element.innerHTML, element.outerHTML, element.insertAdjacentHTML()) should never be used in production stage of a website, because the parsing of the executable string is often not secure and result therefore often in a cross-site scripting vulnerability. Instead of these functions create html elements by script and add it to the DOM object.
  • document.write(c);[https://f.vimeocdn.com/js_opt/clip_beta_libs_async_combined.min.js?a9e24961]
  • document.write(d);[https://f.vimeocdn.com/js_opt/clip_beta_libs_async_combined.min.js?a9e24961]
Additional Information
Link Opener
The window.open("https://example.com/", "_blanc", "noopener"); attribute should always be added to the window.open() function, which open a site in a new tab, to reduce the risk of reverse tabnabbing. Otherwise javascript on the new page has full control over the previous visited page, including permission to change the DOM object and possibly steal session cookies.
Link Referrer
The window.open("https://example.com/", "_blanc", "referrer"); attribute should always be added to the window.open() function to prevent reverse tabnabbing for older browser, which do not support the noopener attribute and to prevent phishing attacks.
Comments
Comments should be removed from the public code of a web application, since it can give an aggressor critical insights into the inner structure of the program. By using this information, the attacker could easier understand how the user session is handled by javascript or figure out the pathway data is sent to the server.
Enabled Debugging
The JavaScript debugging functions should always removed after development stage, because they could expose informations on the inner workings of the code. In production, it is a loophole and could show a possible attacker where to find possibly exploitable vulnerabilities or interesting variables.
Unsafe Functions
eval() is eval! This functions and similar ones (document.write(), document.writeln(), element.innerHTML, element.outerHTML, element.insertAdjacentHTML()) should never be used in production stage of a website, because the parsing of the executable string is often not secure and result therefore often in a cross-site scripting vulnerability. Instead of these functions create html elements by script and add it to the DOM object.
Scanned URL(s)
Los Angeles SEO | Phoenix SEO | NYC SEO | Internet Marketing Agency on Vimeo