# Scoring

## SSL Labs
![alt text](./scoring/SSL_Labs.png?raw=true)

## Mozilla Observatory
![alt text](./scoring/Mozilla_Observatory.png?raw=true)

# Additional Score Commentary:

## Mozilla Observatory

Current CSP requires the use of unsafe-inline for style-src.

The relevant issue can be found at: https://github.com/nextcloud/server/issues/1185
	and at: https://help.nextcloud.com/t/content-security-policy-config/28146/2