Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add pages build scan documentation #2491

Merged
merged 1 commit into from
Apr 11, 2024
Merged

add pages build scan documentation #2491

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file added _assets/images/pages/build-scans.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
2 changes: 2 additions & 0 deletions _data/pages/navigation.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,8 @@ sidenav:
href: /pages/documentation/custom-headers/
- text: Federalist.json
href: /pages/documentation/federalist-json/
- text: Build Scans
href: /pages/documentation/build-scans/
- text: For developers
href: /pages/documentation/
subfolderitems:
Expand Down
22 changes: 22 additions & 0 deletions _pages/pages/documentation/build-scans.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
---
title: Build Scans
permalink: /pages/documentation/build-scans/
layout: docs
navigation: pages
sidenav: pages-documentation
---


Builds Scans are a new experimental feature being offered by Pages.

For select site builds, users can see scan results which check their website for security vulnerabilities, accessibility violations, and other relevant information to help improve their site. These scans begin running after a build completes. When the scan finishes, the results are available as downloadable HTML files for easy sharing among team members. There are currently two scans available: ZAP Security Scan and Accessibility Scan. If you are interested in being part of the beta test of this new feature, please email us at [email protected].

![Build Scan Example]({{site.baseurl}}/assets/images/pages/build-scans.png)

## ZAP Security Scan

The ZAP Security Scan tests your published website for common security vulnerabilities. It uses the [Zed Attack Proxy (ZAP)](https://www.zaproxy.org/) software to passively scan the site for vulnerabilities but does not perform any attack or attempt to maliciously modify your site code. Example security findings include unintended exposure of sensitive data, SQL injection opportunities, cross-site scripting (XSS) flaws, and the use of components with known vulnerabilities. More details about the scan mechanisms and the resulting file output can be found at [ZAP - Baseline Scan](https://www.zaproxy.org/docs/docker/baseline-scan/)

## Accessibility Scan

This scan identifies website accessibility violations from [Section 508](https://www.section508.gov/) and the [latest WCAG version](https://www.w3.org/TR/WCAG22/). The scan first crawls your website to identify all pages to test. It then uses the open source portion of [`axe`](https://www.deque.com/axe/) to identify accessibility violations. The final scan is a custom report generated from the `axe` output.
Loading