diff --git a/zap-report/index.html b/zap-report/index.html index 48fbae1c..dfa511e0 100644 --- a/zap-report/index.html +++ b/zap-report/index.html @@ -17,7 +17,7 @@

ZAP Scanning Report

Generated with ZAP - on Thu 21 Mar 2024, at 09:40:21 + on Thu 21 Mar 2024, at 09:52:43

ZAP Version: 2.14.0

@@ -441,8 +441,8 @@

Alert counts by alert type

Session Management Response Identified Informational - 199
(2,842.9%) + 201
(2,871.4%) @@ -522,14 +522,14 @@
Request
- Request line and header section (448 bytes) + Request line and header section (446 bytes) 
GET https://manage-a-supervision-dev.hmpps.service.justice.gov.uk/assets HTTP/1.1
 host: manage-a-supervision-dev.hmpps.service.justice.gov.uk
 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
 pragma: no-cache
 cache-control: no-cache
-Cookie: hmpps-manage-a-supervision-ui.session=s%3AiUOnH8u_t2R5MVC4G-s_39Qit6k4rsB5.PWOBjHCRMxSrM6zodzQata%2F5p%2FQ%2FH0RzgwjzBHXnhe0
+Cookie: hmpps-manage-a-supervision-ui.session=s%3Ab8sVoYxFsGl2s0MZinT5NNuW9ZQncvC6.WOtP%2BTgnyv657jX%2BKjAxQF0vkYKWzUd3JwoAbX9Z9yA
@@ -545,10 +545,10 @@
Response
- Status line and header section (970 bytes) + Status line and header section (968 bytes) 
HTTP/1.1 301 Moved Permanently
-Date: Thu, 21 Mar 2024 09:38:56 GMT
+Date: Thu, 21 Mar 2024 09:51:20 GMT
 Content-Type: text/html; charset=UTF-8
 Content-Length: 179
 Connection: keep-alive
@@ -566,10 +566,10 @@ 

 X-Frame-Options: SAMEORIGIN
 X-Permitted-Cross-Domain-Policies: none
 X-XSS-Protection: 0
-X-Request-Id: ae1cef961cd60bf8d95cb40d8440fc18
+X-Request-Id: ceee73ec122a342d0107782599088917
 Location: /assets/
 Vary: Accept-Encoding
-Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3AiUOnH8u_t2R5MVC4G-s_39Qit6k4rsB5.PWOBjHCRMxSrM6zodzQata%2F5p%2FQ%2FH0RzgwjzBHXnhe0; Path=/; Expires=Thu, 21 Mar 2024 11:38:56 GMT; HttpOnly; Secure; SameSite=Lax
+Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3Ab8sVoYxFsGl2s0MZinT5NNuW9ZQncvC6.WOtP%2BTgnyv657jX%2BKjAxQF0vkYKWzUd3JwoAbX9Z9yA; Path=/; Expires=Thu, 21 Mar 2024 11:51:20 GMT; HttpOnly; Secure; SameSite=Lax
@@ -686,15 +686,15 @@
Request
- Request line and header section (550 bytes) + Request line and header section (549 bytes) 
GET https://manage-a-supervision-dev.hmpps.service.justice.gov.uk/assets/images/favicon.svg HTTP/1.1
 host: manage-a-supervision-dev.hmpps.service.justice.gov.uk
 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
 pragma: no-cache
 cache-control: no-cache
-referer: https://manage-a-supervision-dev.hmpps.service.justice.gov.uk/case/X756510
-Cookie: hmpps-manage-a-supervision-ui.session=s%3A7RglJVFpnFQyqsaTTG6BWw3pgpPirRqC.g7LL54JNT%2FGIprcTsc6CgY3TloNXhJmBuqt9hXPm9%2FY
+referer: https://manage-a-supervision-dev.hmpps.service.justice.gov.uk/sitemap.xml
+Cookie: hmpps-manage-a-supervision-ui.session=s%3Ab8sVoYxFsGl2s0MZinT5NNuW9ZQncvC6.WOtP%2BTgnyv657jX%2BKjAxQF0vkYKWzUd3JwoAbX9Z9yA
@@ -710,15 +710,15 @@
Response
- Status line and header section (1388 bytes) + Status line and header section (1386 bytes) 
HTTP/1.1 200 OK
-Date: Thu, 21 Mar 2024 09:39:12 GMT
+Date: Thu, 21 Mar 2024 09:51:21 GMT
 Content-Type: image/svg+xml
 Content-Length: 1846
 Connection: keep-alive
 request-context: appId=cid-v1:
-Content-Security-Policy: default-src 'self';script-src 'self' 'nonce-015266ee4973a7b4c02f73bb763aaa66';style-src 'self' 'nonce-015266ee4973a7b4c02f73bb763aaa66';font-src 'self';form-action 'self' https://sign-in-dev.hmpps.service.justice.gov.uk/auth;base-uri 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
+Content-Security-Policy: default-src 'self';script-src 'self' 'nonce-fc658714c46cf3810a61acdebf3af7de';style-src 'self' 'nonce-fc658714c46cf3810a61acdebf3af7de';font-src 'self';form-action 'self' https://sign-in-dev.hmpps.service.justice.gov.uk/auth;base-uri 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
 Cross-Origin-Embedder-Policy: require-corp
 Cross-Origin-Opener-Policy: same-origin
 Cross-Origin-Resource-Policy: same-origin
@@ -731,13 +731,13 @@ 

 X-Frame-Options: SAMEORIGIN
 X-Permitted-Cross-Domain-Policies: none
 X-XSS-Protection: 0
-X-Request-Id: b4c32564cd2f38876b8ac9edfe25f033
+X-Request-Id: 3d2846b347ee8de7ed32b5b73547791e
 Accept-Ranges: bytes
 Cache-Control: public, max-age=3600
 Last-Modified: Tue, 19 Mar 2024 14:46:09 GMT
 ETag: W/"736-18e572d4768"
 Vary: Accept-Encoding
-Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3A7RglJVFpnFQyqsaTTG6BWw3pgpPirRqC.g7LL54JNT%2FGIprcTsc6CgY3TloNXhJmBuqt9hXPm9%2FY; Path=/; Expires=Thu, 21 Mar 2024 11:39:12 GMT; HttpOnly; Secure; SameSite=Lax
+Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3AMy23yE4mf-3kLyEllgjCQvd712PVH9qP.GMpVm4tU0z%2F4cMroMOJ6K3OTvIM4VloIeAQDDI2Btt8; Path=/; Expires=Thu, 21 Mar 2024 11:51:21 GMT; HttpOnly; Secure; SameSite=Lax
@@ -831,14 +831,14 @@
Request
- Request line and header section (484 bytes) + Request line and header section (482 bytes) 
GET https://manage-a-supervision-dev.hmpps.service.justice.gov.uk/assets/stylesheets/application.css?e33e35a HTTP/1.1
 host: manage-a-supervision-dev.hmpps.service.justice.gov.uk
 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
 pragma: no-cache
 cache-control: no-cache
-Cookie: hmpps-manage-a-supervision-ui.session=s%3AiUOnH8u_t2R5MVC4G-s_39Qit6k4rsB5.PWOBjHCRMxSrM6zodzQata%2F5p%2FQ%2FH0RzgwjzBHXnhe0
+Cookie: hmpps-manage-a-supervision-ui.session=s%3Ab8sVoYxFsGl2s0MZinT5NNuW9ZQncvC6.WOtP%2BTgnyv657jX%2BKjAxQF0vkYKWzUd3JwoAbX9Z9yA
@@ -854,15 +854,15 @@
Response
- Status line and header section (1404 bytes) + Status line and header section (1402 bytes) 
HTTP/1.1 200 OK
-Date: Thu, 21 Mar 2024 09:38:57 GMT
+Date: Thu, 21 Mar 2024 09:51:21 GMT
 Content-Type: text/css; charset=UTF-8
 Content-Length: 185691
 Connection: keep-alive
 request-context: appId=cid-v1:
-Content-Security-Policy: default-src 'self';script-src 'self' 'nonce-fc3d1b15f73ac2817503c1c68f5a2365';style-src 'self' 'nonce-fc3d1b15f73ac2817503c1c68f5a2365';font-src 'self';form-action 'self' https://sign-in-dev.hmpps.service.justice.gov.uk/auth;base-uri 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
+Content-Security-Policy: default-src 'self';script-src 'self' 'nonce-086b5adfafaf71dfcbccb8d4208b19ab';style-src 'self' 'nonce-086b5adfafaf71dfcbccb8d4208b19ab';font-src 'self';form-action 'self' https://sign-in-dev.hmpps.service.justice.gov.uk/auth;base-uri 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
 Cross-Origin-Embedder-Policy: require-corp
 Cross-Origin-Opener-Policy: same-origin
 Cross-Origin-Resource-Policy: same-origin
@@ -875,13 +875,13 @@ 

 X-Frame-Options: SAMEORIGIN
 X-Permitted-Cross-Domain-Policies: none
 X-XSS-Protection: 0
-X-Request-Id: 2fb795676c54169b875890dd2451aa5c
+X-Request-Id: a9cd6b098352ec55752387c0c00a8326
 Accept-Ranges: bytes
 Cache-Control: public, max-age=3600
 Last-Modified: Tue, 19 Mar 2024 14:46:17 GMT
 ETag: W/"2d55b-18e572d66a8"
 Vary: Accept-Encoding
-Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3AiUOnH8u_t2R5MVC4G-s_39Qit6k4rsB5.PWOBjHCRMxSrM6zodzQata%2F5p%2FQ%2FH0RzgwjzBHXnhe0; Path=/; Expires=Thu, 21 Mar 2024 11:38:57 GMT; HttpOnly; Secure; SameSite=Lax
+Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3Ab8sVoYxFsGl2s0MZinT5NNuW9ZQncvC6.WOtP%2BTgnyv657jX%2BKjAxQF0vkYKWzUd3JwoAbX9Z9yA; Path=/; Expires=Thu, 21 Mar 2024 11:51:21 GMT; HttpOnly; Secure; SameSite=Lax
@@ -977,7 +977,7 @@
Request
- Request line and header section (568 bytes) + Request line and header section (564 bytes) 
GET https://manage-a-supervision-dev.hmpps.service.justice.gov.uk/case/X756510/handoff/oasys HTTP/1.1
 host: manage-a-supervision-dev.hmpps.service.justice.gov.uk
@@ -985,7 +985,7 @@ 

 pragma: no-cache
 cache-control: no-cache
 referer: https://manage-a-supervision-dev.hmpps.service.justice.gov.uk/case/X756510/personal-details
-Cookie: hmpps-manage-a-supervision-ui.session=s%3A7RglJVFpnFQyqsaTTG6BWw3pgpPirRqC.g7LL54JNT%2FGIprcTsc6CgY3TloNXhJmBuqt9hXPm9%2FY
+Cookie: hmpps-manage-a-supervision-ui.session=s%3A02bYmkOWbE9IxWSs0EuAMUfaC78oobHm.A1Ow9dfID90bJ1VbeOhBhIkVIerUptOsZyZgiiW921Y
@@ -1001,15 +1001,15 @@
Response
- Status line and header section (1423 bytes) + Status line and header section (1419 bytes) 
HTTP/1.1 200 OK
-Date: Thu, 21 Mar 2024 09:39:13 GMT
+Date: Thu, 21 Mar 2024 09:51:37 GMT
 Content-Type: text/html; charset=utf-8
 Content-Length: 28437
 Connection: keep-alive
 request-context: appId=cid-v1:
-Content-Security-Policy: default-src 'self';script-src 'self' 'nonce-090a91a5ef8bb189fca1ec182ce2e1b1';style-src 'self' 'nonce-090a91a5ef8bb189fca1ec182ce2e1b1';font-src 'self';form-action 'self' https://sign-in-dev.hmpps.service.justice.gov.uk/auth;base-uri 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
+Content-Security-Policy: default-src 'self';script-src 'self' 'nonce-f00f1d471ba53d20f0b7d1c767ce6fb8';style-src 'self' 'nonce-f00f1d471ba53d20f0b7d1c767ce6fb8';font-src 'self';form-action 'self' https://sign-in-dev.hmpps.service.justice.gov.uk/auth;base-uri 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
 Cross-Origin-Embedder-Policy: require-corp
 Cross-Origin-Opener-Policy: same-origin
 Cross-Origin-Resource-Policy: same-origin
@@ -1022,13 +1022,13 @@ 

 X-Frame-Options: SAMEORIGIN
 X-Permitted-Cross-Domain-Policies: none
 X-XSS-Protection: 0
-X-Request-Id: 1284e86d2d1736654e3a8cfb32226ee3
+X-Request-Id: 7d0b5500c7def9c4b1b372ce26715993
 Surrogate-Control: no-store
 Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
 Expires: 0
-ETag: W/"6f15-zKa89a81yyaUPXt/IRINuSLDQAY"
+ETag: W/"6f15-edNFCalbhnfxEbMdZ0RTb1S72II"
 Vary: Accept-Encoding
-Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3A7RglJVFpnFQyqsaTTG6BWw3pgpPirRqC.g7LL54JNT%2FGIprcTsc6CgY3TloNXhJmBuqt9hXPm9%2FY; Path=/; Expires=Thu, 21 Mar 2024 11:39:13 GMT; HttpOnly; Secure; SameSite=Lax
+Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3A02bYmkOWbE9IxWSs0EuAMUfaC78oobHm.A1Ow9dfID90bJ1VbeOhBhIkVIerUptOsZyZgiiW921Y; Path=/; Expires=Thu, 21 Mar 2024 11:51:37 GMT; HttpOnly; Secure; SameSite=Lax
@@ -1058,7 +1058,7 @@
</head> <body class="govuk-template__body"> - <script nonce="090a91a5ef8bb189fca1ec182ce2e1b1">document.body.className += ' js-enabled' + ('noModule' in HTMLScriptElement.prototype ? ' govuk-frontend-supported' : '');</script> + <script nonce="f00f1d471ba53d20f0b7d1c767ce6fb8">document.body.className += ' js-enabled' + ('noModule' in HTMLScriptElement.prototype ? ' govuk-frontend-supported' : '');</script> @@ -1394,10 +1394,10 @@
Status line and header section (1635 bytes) 
HTTP/1.1 302
-Date: Thu, 21 Mar 2024 09:38:50 GMT
+Date: Thu, 21 Mar 2024 09:51:14 GMT
 Content-Length: 0
 Connection: keep-alive
-Set-Cookie: jwtSession=eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJjMjA3MzY0Ny02YjRiLTRjYmUtYjI1ZS03MjkyZTIwMDZhMmIiLCJzdWIiOiJBVVRPTUFURURURVNUVVNFUiIsImF1dGhvcml0aWVzIjoiUk9MRV9QUkVQQVJFX0FfQ0FTRSxST0xFX1BGX1NURF9QUk9CQVRJT04sUk9MRV9HTE9CQUxfU0VBUkNILFJPTEVfUEZfQVBQUk9WQUwsUk9MRV9QRl9OQVRJT05BTF9SRUFERVIsUk9MRV9QRl9IUSxST0xFX0xJQ0VOQ0VfQUNPLFJPTEVfTUFOQUdFX0FfV09SS0ZPUkNFX0FMTE9DQVRFLFJPTEVfV09SS0xPQURfTUVBU1VSRU1FTlQsUk9MRV9NQUtFX1JFQ0FMTF9ERUNJU0lPTixST0xFX1NPQ19DT01NVU5JVFksUk9MRV9USUVSX1NFUlZJQ0VfVVNFUixST0xFX0xJQ0VOQ0VfUk8sUk9MRV9MSUNFTkNFX1JPX1JFQURfT05MWSxST0xFX0xJQ0VOQ0VfVkFSWSxST0xFX1BST0JBVElPTiIsIm5hbWUiOiJBdXRvbWF0ZWRUZXN0VXNlciBBdXRvbWF0ZWRUZXN0VXNlciIsImF1dGhfc291cmNlIjoiZGVsaXVzIiwidXNlcl9pZCI6IjI1MDAyNTM1OTEiLCJwYXNzZWRfbWZhIjpmYWxzZSwiZXhwIjoxNzExMDU3MTMwfQ.Q4FNprtYh7GTF4GvqTmzRXPz4GGD2tesfGCiRSWNqWwZmP_DMrjBy_ZXwxgW_YLf-VAE2AwXeK43tBkNb9aH1Z0bRC-SzfV5YDLQpgdYvW2WLLZMrntkKN6p3xYqYaXx4yVtWGXQaMyp9l2iKWUnyOXdumL6xTa7CTqfliRBMUt3wZ_BhvSoKNJ0MidDQvJ9OXexooBJ9qgKCPVr8AKp2jzvCV4QgoX6d5xXYEdQIN76q0kb7Faq31f1oE0QpYcsBFbeYZdzW_Ek98XcsvohocSFh_KKcmdzMuWrswjH9rgiwo2SAGqH58kRAVQHNinvu92kKN7QPqvQ4v_PNK6rMw; Max-Age=43200; Expires=Thu, 21 Mar 2024 21:38:50 GMT; Path=/auth; Secure; HttpOnly
+Set-Cookie: jwtSession=eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiI0ZWFmODZmYi00ZmU4LTQ5MmItYWU0ZC1kNTRiZTg5Y2IyMGMiLCJzdWIiOiJBVVRPTUFURURURVNUVVNFUiIsImF1dGhvcml0aWVzIjoiUk9MRV9QUkVQQVJFX0FfQ0FTRSxST0xFX1BGX1NURF9QUk9CQVRJT04sUk9MRV9HTE9CQUxfU0VBUkNILFJPTEVfUEZfQVBQUk9WQUwsUk9MRV9QRl9OQVRJT05BTF9SRUFERVIsUk9MRV9QRl9IUSxST0xFX0xJQ0VOQ0VfQUNPLFJPTEVfTUFOQUdFX0FfV09SS0ZPUkNFX0FMTE9DQVRFLFJPTEVfV09SS0xPQURfTUVBU1VSRU1FTlQsUk9MRV9NQUtFX1JFQ0FMTF9ERUNJU0lPTixST0xFX1NPQ19DT01NVU5JVFksUk9MRV9USUVSX1NFUlZJQ0VfVVNFUixST0xFX0xJQ0VOQ0VfUk8sUk9MRV9MSUNFTkNFX1JPX1JFQURfT05MWSxST0xFX0xJQ0VOQ0VfVkFSWSxST0xFX1BST0JBVElPTiIsIm5hbWUiOiJBdXRvbWF0ZWRUZXN0VXNlciBBdXRvbWF0ZWRUZXN0VXNlciIsImF1dGhfc291cmNlIjoiZGVsaXVzIiwidXNlcl9pZCI6IjI1MDAyNTM1OTEiLCJwYXNzZWRfbWZhIjpmYWxzZSwiZXhwIjoxNzExMDU3ODc0fQ.kVZ8LEFpul9vH2hcCnCSYZF02bxBENSGIs_G4yq4zZdnCPcr7x40kXcW2K5r1zmMip-VO5h2VK-YBKVZu1ohbQfsJ_CLmLUq0psd-vxJbnTrsc4N_jNmfwPOpq2SQvs5kABjpMT1sxgtP5zlHQelrEptTvZC3XGQwSI_v5jdjs-yCrnG7npQM87aAGPZqjP_kxnNHr-BmOEi_0KVrVpJSqFemyIsa4o_7-WiFUeb1nfbslevIYxcj5K_cMlPSLXb0gAwBzq8DGyAzB7dSqY7xyDwaL8ylukPZsXg3TLOZ0xhTqBzJgJj7jEaHRY2luNxg2xIJuD7VvfJ_d1ewCXc2A; Max-Age=43200; Expires=Thu, 21 Mar 2024 21:51:14 GMT; Path=/auth; Secure; HttpOnly
 X-Content-Type-Options: nosniff
 X-XSS-Protection: 1; mode=block
 Cache-Control: no-cache, no-store, max-age=0, must-revalidate
@@ -1425,7 +1425,7 @@ 

 	
 	
 		Evidence
-		
eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJjMjA3MzY0Ny02YjRiLTRjYmUtYjI1ZS03MjkyZTIwMDZhMmIiLCJzdWIiOiJBVVRPTUFURURURVNUVVNFUiIsImF1dGhvcml0aWVzIjoiUk9MRV9QUkVQQVJFX0FfQ0FTRSxST0xFX1BGX1NURF9QUk9CQVRJT04sUk9MRV9HTE9CQUxfU0VBUkNILFJPTEVfUEZfQVBQUk9WQUwsUk9MRV9QRl9OQVRJT05BTF9SRUFERVIsUk9MRV9QRl9IUSxST0xFX0xJQ0VOQ0VfQUNPLFJPTEVfTUFOQUdFX0FfV09SS0ZPUkNFX0FMTE9DQVRFLFJPTEVfV09SS0xPQURfTUVBU1VSRU1FTlQsUk9MRV9NQUtFX1JFQ0FMTF9ERUNJU0lPTixST0xFX1NPQ19DT01NVU5JVFksUk9MRV9USUVSX1NFUlZJQ0VfVVNFUixST0xFX0xJQ0VOQ0VfUk8sUk9MRV9MSUNFTkNFX1JPX1JFQURfT05MWSxST0xFX0xJQ0VOQ0VfVkFSWSxST0xFX1BST0JBVElPTiIsIm5hbWUiOiJBdXRvbWF0ZWRUZXN0VXNlciBBdXRvbWF0ZWRUZXN0VXNlciIsImF1dGhfc291cmNlIjoiZGVsaXVzIiwidXNlcl9pZCI6IjI1MDAyNTM1OTEiLCJwYXNzZWRfbWZhIjpmYWxzZSwiZXhwIjoxNzExMDU3MTMwfQ.Q4FNprtYh7GTF4GvqTmzRXPz4GGD2tesfGCiRSWNqWwZmP_DMrjBy_ZXwxgW_YLf-VAE2AwXeK43tBkNb9aH1Z0bRC-SzfV5YDLQpgdYvW2WLLZMrntkKN6p3xYqYaXx4yVtWGXQaMyp9l2iKWUnyOXdumL6xTa7CTqfliRBMUt3wZ_BhvSoKNJ0MidDQvJ9OXexooBJ9qgKCPVr8AKp2jzvCV4QgoX6d5xXYEdQIN76q0kb7Faq31f1oE0QpYcsBFbeYZdzW_Ek98XcsvohocSFh_KKcmdzMuWrswjH9rgiwo2SAGqH58kRAVQHNinvu92kKN7QPqvQ4v_PNK6rMw

+		
eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiI0ZWFmODZmYi00ZmU4LTQ5MmItYWU0ZC1kNTRiZTg5Y2IyMGMiLCJzdWIiOiJBVVRPTUFURURURVNUVVNFUiIsImF1dGhvcml0aWVzIjoiUk9MRV9QUkVQQVJFX0FfQ0FTRSxST0xFX1BGX1NURF9QUk9CQVRJT04sUk9MRV9HTE9CQUxfU0VBUkNILFJPTEVfUEZfQVBQUk9WQUwsUk9MRV9QRl9OQVRJT05BTF9SRUFERVIsUk9MRV9QRl9IUSxST0xFX0xJQ0VOQ0VfQUNPLFJPTEVfTUFOQUdFX0FfV09SS0ZPUkNFX0FMTE9DQVRFLFJPTEVfV09SS0xPQURfTUVBU1VSRU1FTlQsUk9MRV9NQUtFX1JFQ0FMTF9ERUNJU0lPTixST0xFX1NPQ19DT01NVU5JVFksUk9MRV9USUVSX1NFUlZJQ0VfVVNFUixST0xFX0xJQ0VOQ0VfUk8sUk9MRV9MSUNFTkNFX1JPX1JFQURfT05MWSxST0xFX0xJQ0VOQ0VfVkFSWSxST0xFX1BST0JBVElPTiIsIm5hbWUiOiJBdXRvbWF0ZWRUZXN0VXNlciBBdXRvbWF0ZWRUZXN0VXNlciIsImF1dGhfc291cmNlIjoiZGVsaXVzIiwidXNlcl9pZCI6IjI1MDAyNTM1OTEiLCJwYXNzZWRfbWZhIjpmYWxzZSwiZXhwIjoxNzExMDU3ODc0fQ.kVZ8LEFpul9vH2hcCnCSYZF02bxBENSGIs_G4yq4zZdnCPcr7x40kXcW2K5r1zmMip-VO5h2VK-YBKVZu1ohbQfsJ_CLmLUq0psd-vxJbnTrsc4N_jNmfwPOpq2SQvs5kABjpMT1sxgtP5zlHQelrEptTvZC3XGQwSI_v5jdjs-yCrnG7npQM87aAGPZqjP_kxnNHr-BmOEi_0KVrVpJSqFemyIsa4o_7-WiFUeb1nfbslevIYxcj5K_cMlPSLXb0gAwBzq8DGyAzB7dSqY7xyDwaL8ylukPZsXg3TLOZ0xhTqBzJgJj7jEaHRY2luNxg2xIJuD7VvfJ_d1ewCXc2A

 	
 	
 		Solution
@@ -1502,14 +1502,14 @@ 

 	
 		Request
 		

-				Request line and header section (476 bytes)
+				Request line and header section (474 bytes)
 				
 				
GET https://manage-a-supervision-dev.hmpps.service.justice.gov.uk/assets/govuk/govuk-frontend.min.js HTTP/1.1
 host: manage-a-supervision-dev.hmpps.service.justice.gov.uk
 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
 pragma: no-cache
 cache-control: no-cache
-Cookie: hmpps-manage-a-supervision-ui.session=s%3AiUOnH8u_t2R5MVC4G-s_39Qit6k4rsB5.PWOBjHCRMxSrM6zodzQata%2F5p%2FQ%2FH0RzgwjzBHXnhe0
+Cookie: hmpps-manage-a-supervision-ui.session=s%3Ab8sVoYxFsGl2s0MZinT5NNuW9ZQncvC6.WOtP%2BTgnyv657jX%2BKjAxQF0vkYKWzUd3JwoAbX9Z9yA
 
 

 				
@@ -1525,15 +1525,15 @@ 

 	
 		Response
 		

-				Status line and header section (1416 bytes)
+				Status line and header section (1414 bytes)
 				
 				
HTTP/1.1 200 OK
-Date: Thu, 21 Mar 2024 09:38:57 GMT
+Date: Thu, 21 Mar 2024 09:51:21 GMT
 Content-Type: application/javascript; charset=UTF-8
 Content-Length: 39486
 Connection: keep-alive
 request-context: appId=cid-v1:
-Content-Security-Policy: default-src 'self';script-src 'self' 'nonce-3d2d4b1e62d6eac744e3d26108b455cf';style-src 'self' 'nonce-3d2d4b1e62d6eac744e3d26108b455cf';font-src 'self';form-action 'self' https://sign-in-dev.hmpps.service.justice.gov.uk/auth;base-uri 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
+Content-Security-Policy: default-src 'self';script-src 'self' 'nonce-3bb02dcefa57f96255598b9013bc13c6';style-src 'self' 'nonce-3bb02dcefa57f96255598b9013bc13c6';font-src 'self';form-action 'self' https://sign-in-dev.hmpps.service.justice.gov.uk/auth;base-uri 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
 Cross-Origin-Embedder-Policy: require-corp
 Cross-Origin-Opener-Policy: same-origin
 Cross-Origin-Resource-Policy: same-origin
@@ -1546,13 +1546,13 @@ 

 X-Frame-Options: SAMEORIGIN
 X-Permitted-Cross-Domain-Policies: none
 X-XSS-Protection: 0
-X-Request-Id: 23ed3ce4c3daba980b7a85da8c814c3e
+X-Request-Id: ba8e13f4bebfe557a4d5399863b10827
 Accept-Ranges: bytes
 Cache-Control: public, max-age=3600
 Last-Modified: Tue, 19 Mar 2024 14:46:08 GMT
 ETag: W/"9a3e-18e572d4380"
 Vary: Accept-Encoding
-Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3AiUOnH8u_t2R5MVC4G-s_39Qit6k4rsB5.PWOBjHCRMxSrM6zodzQata%2F5p%2FQ%2FH0RzgwjzBHXnhe0; Path=/; Expires=Thu, 21 Mar 2024 11:38:57 GMT; HttpOnly; Secure; SameSite=Lax
+Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3Ab8sVoYxFsGl2s0MZinT5NNuW9ZQncvC6.WOtP%2BTgnyv657jX%2BKjAxQF0vkYKWzUd3JwoAbX9Z9yA; Path=/; Expires=Thu, 21 Mar 2024 11:51:21 GMT; HttpOnly; Secure; SameSite=Lax
 
 

 				
@@ -1616,15 +1616,15 @@ 

 	
 		Request
 		

-				Request line and header section (545 bytes)
+				Request line and header section (540 bytes)
 				
 				
GET https://manage-a-supervision-dev.hmpps.service.justice.gov.uk/assets/manifest.json HTTP/1.1
 host: manage-a-supervision-dev.hmpps.service.justice.gov.uk
 user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
 pragma: no-cache
 cache-control: no-cache
-referer: https://manage-a-supervision-dev.hmpps.service.justice.gov.uk/case/X756510
-Cookie: hmpps-manage-a-supervision-ui.session=s%3A7RglJVFpnFQyqsaTTG6BWw3pgpPirRqC.g7LL54JNT%2FGIprcTsc6CgY3TloNXhJmBuqt9hXPm9%2FY
+referer: https://manage-a-supervision-dev.hmpps.service.justice.gov.uk/sitemap.xml
+Cookie: hmpps-manage-a-supervision-ui.session=s%3A02bYmkOWbE9IxWSs0EuAMUfaC78oobHm.A1Ow9dfID90bJ1VbeOhBhIkVIerUptOsZyZgiiW921Y
 
 

 				
@@ -1640,15 +1640,15 @@ 

 	
 		Response
 		

-				Status line and header section (1405 bytes)
+				Status line and header section (1401 bytes)
 				
 				
HTTP/1.1 200 OK
-Date: Thu, 21 Mar 2024 09:39:12 GMT
+Date: Thu, 21 Mar 2024 09:51:35 GMT
 Content-Type: application/json; charset=UTF-8
 Content-Length: 800
 Connection: keep-alive
 request-context: appId=cid-v1:
-Content-Security-Policy: default-src 'self';script-src 'self' 'nonce-db4c4ae35198954381b83979b04bb4f3';style-src 'self' 'nonce-db4c4ae35198954381b83979b04bb4f3';font-src 'self';form-action 'self' https://sign-in-dev.hmpps.service.justice.gov.uk/auth;base-uri 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
+Content-Security-Policy: default-src 'self';script-src 'self' 'nonce-78dc44da2f402f904604d95a823a649b';style-src 'self' 'nonce-78dc44da2f402f904604d95a823a649b';font-src 'self';form-action 'self' https://sign-in-dev.hmpps.service.justice.gov.uk/auth;base-uri 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src-attr 'none';upgrade-insecure-requests
 Cross-Origin-Embedder-Policy: require-corp
 Cross-Origin-Opener-Policy: same-origin
 Cross-Origin-Resource-Policy: same-origin
@@ -1661,13 +1661,13 @@ 

 X-Frame-Options: SAMEORIGIN
 X-Permitted-Cross-Domain-Policies: none
 X-XSS-Protection: 0
-X-Request-Id: a5f896858b97f9bdafed0dca4c27bb4c
+X-Request-Id: 534e18dc97c1a1ade11ab63ae3ee19be
 Accept-Ranges: bytes
 Cache-Control: public, max-age=3600
 Last-Modified: Tue, 19 Mar 2024 14:46:08 GMT
 ETag: W/"320-18e572d4380"
 Vary: Accept-Encoding
-Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3A7RglJVFpnFQyqsaTTG6BWw3pgpPirRqC.g7LL54JNT%2FGIprcTsc6CgY3TloNXhJmBuqt9hXPm9%2FY; Path=/; Expires=Thu, 21 Mar 2024 11:39:12 GMT; HttpOnly; Secure; SameSite=Lax
+Set-Cookie: hmpps-manage-a-supervision-ui.session=s%3A02bYmkOWbE9IxWSs0EuAMUfaC78oobHm.A1Ow9dfID90bJ1VbeOhBhIkVIerUptOsZyZgiiW921Y; Path=/; Expires=Thu, 21 Mar 2024 11:51:35 GMT; HttpOnly; Secure; SameSite=Lax