Hi All,
We just deployed a new version of Stooge with some minor updates:
* We now correctly show A+ ratings for the SSL check (like
accounts.firefox.com has)
* The CSP Checks have been simplified: we now just check for the presence of a CSP header, whether the header is correctly formed and if the header contains a Reporting URL
Please check if the CSP-Valid flag is green for your CSP enabled sites. We don’t show details yet, that will come in a followup release, but if it is red then you can simply check the awesome Firefox Developer Tools console to find out what is wrong with the header you have set. (For example, we have seen some that use incorrect or deprecated directives)
https://stooge.mozillalabs.com
S.