C — https://uwaterloo.ca | BeaverCheck Audit

Site Health

Score: 77 / 100

Based on 8 categories, 0 sections

Decent speed, but optimizing further could improve engagement.

Good foundation, but a few gaps could be exploited.

Mostly accessible, but some users still face barriers.

Well-optimized for search — your content is discoverable.

Solid infrastructure — fast server responses across the board.

Mostly compliant — a few items need attention.

Good content signals with minor gaps.

Reasonable footprint with room for optimization.

How is this calculated?

The overall score is a weighted average of individual category scores. Categories with more impact on user experience and security carry more weight.

Performance 25%Security 25%Accessibility 15%SEO 10%Infrastructure 10%Compliance 8%Content 5%Sustainability 2%

Weights reflect general web best practices. Individual needs may differ.

How the composite score is calculated

How you compare

Drupal · 362 peers

You 77

Avg 73

At average

0 50 100

Better than 84% of Drupal sites See full Drupal benchmark →

Apple · 1227 peers

You 77

Avg 72

At average

0 50 100

Better than 85% of Apple sites See full Apple benchmark →

Top Priorities (5)

'unsafe-eval' found in script source

Security gaps expose your site and users to attacks, eroding trust.

Security › Content Security Policy

'unsafe-inline' found in script source

Security gaps expose your site and users to attacks, eroding trust.

Security › Content Security Policy

1 control(s) without accessible label

Accessibility issues exclude users with disabilities — up to 15% of your potential audience.

Accessibility › Form Accessibility

57 third-party resources (72% of weight)

Performance issues directly impact user engagement and conversion rates.

Performance › Page Weight Inventory

Certificate expires soon (23 days remaining)

Security gaps expose your site and users to attacks, eroding trust.

Security › TLS & Certificates

View fix priority matrix

Fix Priority Matrix

5 findings

Impact

Quick Wins

High impact, low effort — start here.

Strategic

High impact, requires investment.

Easy Improvements

Small gains, minimal effort.

Nothing in this quadrant — good news.

Deprioritize

Low impact, high effort — do last.

Nothing in this quadrant — good news.

← Low effort High effort →

Embed this badge

Markdown

[![BeaverCheck](https://beavercheck.com/badge?url=https%3A%2F%2Fuwaterloo.ca)](https://beavercheck.com/results/46e09bb0-d50f-42b8-bde4-72047f2e67c7)

HTML

<a href="https://beavercheck.com/results/46e09bb0-d50f-42b8-bde4-72047f2e67c7"><img src="https://beavercheck.com/badge?url=https%3A%2F%2Fuwaterloo.ca" alt="BeaverCheck Score"></a>

Image URL

https://beavercheck.com/badge?url=https%3A%2F%2Fuwaterloo.ca

This badge auto-updates with your latest scan result.

What fixing these means

Your site performs reasonably well, but a few targeted fixes could meaningfully improve results. Your LCP of 3.8s exceeds Google's 2.5s 'Good' threshold and the 1 performance issue below directly contributes to it. Addressing the critical issues below would have the most immediate impact on your user trust.

3 security gaps detected — browsers may warn visitors about your site.

1 accessibility issue excludes users who rely on assistive technology.

Your LCP is 3.8s — fixing the 1 performance critical could bring it under Google's 2.5s 'Good' threshold.

Could reach Estimate based on resolving critical issues

Conversion Barriers

2 critical 6 warning

8 barrier(s) likely increasing bounce by ~27%.

Speed (2)

Page loads in 3.8s

+5% bounce

Every additional 100ms above 2.5s costs conversions — you're 1.3s over

Fix: Target <2.5s LCP: defer non-critical scripts and optimize the hero image

Page feels frozen for 2.3s

+5% bounce

Clicks on the primary CTA are ignored while JavaScript runs

Fix: Break up long tasks; defer non-critical JavaScript to post-hydration

Trust (2)

No HSTS header

+1% bounce

Returning visitors are briefly exposed to downgrade attacks on first request

Fix: Set Strict-Transport-Security: max-age=31536000; includeSubDomains

No Content-Security-Policy header

+1% bounce

Higher XSS blast radius — one compromised script can exfiltrate the checkout form

Fix: Ship a reporting-only CSP first, then enforce once violations are clean

Usability (1)

1 form field(s) without a label

+2% bounce

Screen readers skip unlabeled fields; autofill can't identify them; checkout abandonment spikes

Fix: Associate every input with a visible <label for="…">; add autocomplete attributes

Content (2)

No structured data

+2% bounce

No rich-result eligibility in Google — lower SERP CTR vs competitors with stars and prices

Fix: Add JSON-LD for your page type (Product, Article, FAQPage, LocalBusiness, …)

Content is hard to read

+2% bounce

Graduate-level reading difficulty — limits the addressable audience for product or blog pages

Fix: Shorten sentences; replace jargon with plain language; target Flesch ease ≥60

Navigation (1)

3 broken link(s) on the page

+5% bounce

Clicks land on 404s — trust drops and the session often ends

Fix: Fix or remove the broken destinations surfaced on the Content tab

Preliminary CRO audit — each barrier links to the tab with detailed analysis.

Return on Investment

CAD 475 investment → CAD 2,636/month returns + CAD 350,000 risk avoided

Payback period: < 1 month First-year ROI: +6559%

Investment

CAD 475

5h · 5 findings

Monthly returns

CAD 2,636 /mo

~CAD 31,629 / year

Conversions recovered CAD 2,635
Bandwidth savings CAD 0.58

Regulatory risk avoided

CAD 350,000

if kept compliant

ACA CAD 250,000
PIPEDA CAD 100,000

Payback period

0 12mo 24mo

CAD 143 — in quick wins — start here for the fastest payback

Figures combine localized regulatory fine ceilings, search/conversion value priced against local CPC, and bandwidth waste estimates. Results depend on implementation quality and audience composition. Not legal or financial advice.

Full methodology & sources

Estimated Remediation Cost

CA$475

5.0 developer hours at CA$95/hr

Based on Canada rates (CA$95/hr)

Quick wins

CA$143 3 fixes in ~90 minutes

Start here for the best return on investment

Cost by category

Cost by effort level

Adjust assumptions

Custom rate

CA$ /hr

Rates reflect fully-loaded developer cost including overhead

How developer rates are sourced

What Inaction Is Costing You

CAD 29,167 / month at risk

~CAD 350,007 / year if left unfixed

Compliance Risk

CAD 350,000

ACAPIPEDA

No privacy policy link detected
PIPEDA: CAD 1,000 – CAD 100,000
4 advertising/retargeting trackers detected
PIPEDA: CAD 1,000 – CAD 100,000
Trackers detected but no cookie policy found
PIPEDA: CAD 1,000 – CAD 100,000

+3 more

Bandwidth Waste

CAD 0.58 /mo

5408.8 MB/mo × 0.108 CAD/GB

Optimize transfer: save ~541 KB per page load
Saves CAD 0.58/mo

Compliance figures represent the statutory maximum fine for the most severe triggered category, capped per regulation — not the sum of per-finding penalties. Based on published regulatory fine ranges. This is not legal advice.

Compliance methodology · SEO assumptions · Bandwidth model

Your performance is already good — improvements may show diminishing returns

Monthly visitors

Unique monthly visitors from your analytics

Conversion rate (%)

Purchases, signups, or key actions

Avg. order value

Optional — for revenue estimation

additional conversions/month

more engaged visitors from reduced bounce

potential monthly revenue

Current bounce (est.)

After fixes (est.)

Estimated bounce reduction

Fix 3 critical issues to capture this value

How this is calculated

Based on Google/Deloitte research ("Milliseconds Make Millions") showing a ~7% bounce rate increase per additional second of LCP above the 2.5s "Good" threshold.

Your site's LCP: → estimated after fixes.

These are estimates based on industry research — actual results vary

Bounce-rate model & assumptions

Your data stays in your browser — nothing is sent to our servers

Was this report useful?

Thanks for your feedback!

We'll use a cached audit if available, or offer to scan.

Checking for existing audit...

Press ? for shortcuts

Lighthouse Scores

Industry-standard audits powered by Google Lighthouse.

Performance

Accessibility

Best Practices

100

SEO

Core Web Vitals

Key metrics that affect user experience.

First Contentful Paint First Contentful Paint — how long until the browser renders the first piece of content. Under 1.8s is good.

2.58 s

Largest Contentful Paint Largest Contentful Paint — how long until the largest visible element loads. Under 2.5s is good.

3.84 s

Total Blocking Time Total Blocking Time — total time the main thread was blocked, preventing user input. Under 200ms is good.

2.30 s

Cumulative Layout Shift Cumulative Layout Shift — measures visual stability. How much the page layout shifts during loading. Under 0.1 is good.

0.057

Speed Index Speed Index — how quickly content is visually displayed during load. Under 3.4s is good.

3.22 s

Time to Interactive Time to Interactive — how long until the page is fully interactive and responds to user input. Under 3.8s is good.

16.95 s

Detailed Report

Audit breakdown by category with detailed findings.

Performance

Insights

Remove large, duplicate JavaScript modules from bundles to reduce unnecessary bytes consumed by network activity.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Polyfills and transforms enable older browsers to use new JavaScript features. However, many aren't necessary for modern browsers. Consider modifying your JavaScript build process to not transpile Baseline features, unless you know you must support older browsers. Learn why most sites can deploy ES6+ code without transpiling

Why this matters

Shipping ES5 transpiled code to modern browsers wastes bytes — every user with an evergreen browser pays for compatibility you don't need.

Learn more ▾

Most users today run browsers that natively support ES6+, async/await, optional chaining, and the rest of modern JavaScript. Transpiling to ES5 'just in case' adds 20-40% to your bundle for no benefit. Configure your build to target a modern browserslist, or ship a differential bundle pair (modern + legacy) with the module/nomodule pattern.

Source: Google web.dev / Lighthouse

3rd party code can significantly impact load performance. Reduce and defer loading of 3rd party code to prioritize your page's content.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Consider setting font-display to swap or optional to ensure text is consistently visible. swap can be further optimized to mitigate layout shifts with font metric overrides.

Why this matters

Performance issues directly impact user engagement and conversion rates.

URL	Est Savings
uwaterloo.ca/fonts/lineto-typ1451-regular.woff2	35 ms
uwaterloo.ca/fonts/Bureau_Grot-Condensed_Bold.woff2	35 ms
uwaterloo.ca/fonts/Bureau_Grot-Condensed_Book.woff2	20 ms
uwaterloo.ca/fonts/lineto-typ1451-medium.woff2	15 ms
uwaterloo.ca/fonts/Bureau_Grot-Light.woff2	15 ms
uwaterloo.ca/fonts/Bureau_Grot-Book.woff2	10 ms

A forced reflow occurs when JavaScript queries geometric properties (such as offsetWidth) after styles have been invalidated by a change to the DOM state. This can result in poor performance. Learn more about forced reflows and possible mitigations.

Why this matters

Performance issues directly impact user engagement and conversion rates.

headings: [map[key:source label:Top function call valueType:source-location] map[granularity:1 key:reflowTime label:Total reflow time valueType:ms]]

items: [map[reflowTime:48.131 source:map[column:8495 line:5 type:source-location url:https://uwaterloo.ca/ urlProvider:network]]]

headings: [map[key:source label:Source valueType:source-location] map[granularity:1 key:reflowTime label:Total reflow time valueType:ms]]

items: [map[reflowTime:114.574 source:map[type:text value:[unattributed]]] map[reflowTime:8.116 source:map[column:52061 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:37.442 source:map[column:52780 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:0.326 source:map[column:52838 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:0.236 source:map[column:52902 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:0.68 source:map[column:56721 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:0.478 source:map[column:52083 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:0.853 source:map[column:53815 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]]]

Reducing the download time of images can improve the perceived load time of the page and LCP. Learn more about optimizing image size

Why this matters

Performance issues directly impact user engagement and conversion rates.

	URL	Resource Size	Est Savings
Aerial view of campus with yellow checkmark `a > div.card__banner--media > picture.uw-picture > img.uw-picture__fallback`	/sites/default/files/styles/uw_is_media_small/public/uplo...	17.1 KiB	10.8 KiB

Optimize LCP by making the LCP image discoverable from the HTML immediately, and avoiding lazy-loading

Why this matters

Performance issues directly impact user engagement and conversion rates.

lhId: page-1-IMG

nodeLabel: Professor teaching a student with VO2 max machine

path: 1,HTML,1,BODY,5,DIV,0,DIV,2,MAIN,0,DIV,0,DIV,0,ARTICLE,0,DIV,0,DIV,0,ARTICLE,0,DIV,0,ARTICLE,0,DIV,0,DIV,0,A,1,DIV,0,PICTURE,8,IMG

selector: a > div.card__banner--media > picture.uw-picture > img.uw-picture__fallback

snippet: <img class="uw-picture__fallback" src="https://uwaterloo.ca/sites/default/files/styles/uw_is_media_small/public/u…" alt="Professor teaching a student with VO2 max machine">

Avoid chaining critical requests by reducing the length of chains, reducing the download size of resources, or deferring the download of unnecessary resources to improve page load.

Why this matters

Performance issues directly impact user engagement and conversion rates.

description: [preconnect](https://developer.chrome.com/docs/lighthouse/performance/uses-rel-preconnect/) hints help the browser establish a connection earlier in the page load, saving time when the first request for that origin is made. The following are the origins that the page preconnected to.

title: Preconnected origins

description: Add [preconnect](https://developer.chrome.com/docs/lighthouse/performance/uses-rel-preconnect/) hints to your most important origins, but try to use no more than 4.

title: Preconnect candidates

value: No additional origins are good candidates for preconnecting

Requests are blocking the page's initial render, which may delay LCP. Deferring or inlining can move these network requests out of the critical path.

Why this matters

Performance issues directly impact user engagement and conversion rates.

URL	Transfer Size	Duration
/sites/default/files/css/css_yYIob_JSc1msF-q-DpGs3SxT09DU...	6.3 KiB	151 ms
/sites/default/files/css/css_mvPXsrvEKREtRqwt2W6WaQZQ8ZCA...	129.4 KiB	1.1 s

A long cache lifetime can speed up repeat visits to your page. Learn more about caching.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Request	Cache TTL	Transfer Size
connect.facebook.net/en_US/fbevents.js	1200.0 s	96.6 KiB
/signals/config/1633448083948715?v=2.9.303&r=stable&domai...	1200.0 s	44.5 KiB
www.google-analytics.com/analytics.js	7200.0 s	20.8 KiB
tags.srv.stackadapt.com/events.js	5.0 s	7.7 KiB
snap.licdn.com/li.lms-analytics/insight.min.js	86400.0 s	18.7 KiB
origin.acuityplatform.com/event/v2/pixel.js	0.0 ms	2.7 KiB
wat.test.technolutions.net/ping	1793.0 s	968 B
/collect?v=2&fmt=js&pid=6710970&time=1776802390727&li_ads...	0.0 ms	270 B
/tr/?id=1633448083948715&ev=PageView&dl=https%3A%2F%2Fuwa...	0.0 ms	16 B

These insights are also available in the Chrome DevTools Performance Panel - record a trace to view more detailed information.

Time to Interactive is the amount of time it takes for the page to become fully interactive. Learn more about the Time to Interactive metric.

Why this matters

Performance issues directly impact user engagement and conversion rates.

TTI

The maximum potential First Input Delay that your users could experience is the duration of the longest task. Learn more about the Maximum Potential First Input Delay metric.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Diagnostics

Minifying JavaScript files can reduce payload sizes and script parse time. Learn how to minify JavaScript.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Estimated savings: 30 ms 10.2 KiB

URL	Transfer Size	Est Savings
/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fs...	71.9 KiB	10.2 KiB

Reduce unused rules from stylesheets and defer CSS not used for above-the-fold content to decrease bytes consumed by network activity. Learn how to reduce unused CSS.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Estimated savings: 560 ms 120.7 KiB

URL	Transfer Size	Est Savings
/sites/default/files/css/css_mvPXsrvEKREtRqwt2W6WaQZQ8ZCA...	129.0 KiB	120.7 KiB

Reduce unused JavaScript and defer loading scripts until they are required to decrease bytes consumed by network activity. Learn how to reduce unused JavaScript.

Why this matters

Multi-megabyte JavaScript bundles delay every interactive feature on the page.

Learn more ▾

This is the Lighthouse audit fired when too much JS is shipped relative to what executes. The fix isn't a config flag — it requires bundle analysis (webpack-bundle-analyzer, rollup-plugin-visualizer), splitting routes into chunks, lazy-loading off-screen components, and removing unused dependencies. Fundamentally different from minification: minifying reduces byte count, this reduces what's downloaded at all.

Source: Google web.dev / Lighthouse

Estimated savings: 180 ms 487.3 KiB

URL	Transfer Size	Est Savings
www.googletagmanager.com/gtm.js?id=GTM-M9XLVF	175.3 KiB	68.1 KiB
www.googletagmanager.com/gtag/destination?id=AW-869143110&cx=c&gtm=4e64h1	170.1 KiB	67.9 KiB
www.googletagmanager.com/gtag/js?id=G-L2Z2MKPQ2G	155.4 KiB	64.6 KiB
www.googletagmanager.com/gtag/destination?id=AW-848079280&cx=c&gtm=4e64h1	145.6 KiB	61.7 KiB
www.googletagmanager.com/gtag/js?id=G-W3BFRPSG9B&cx=c&gtm=4e64h1	171.9 KiB	60.9 KiB
www.googletagmanager.com/gtag/destination?id=AW-868082214&cx=c&gtm=4e64h1	134.1 KiB	58.8 KiB
/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fs...	71.9 KiB	41.2 KiB
connect.facebook.net/en_US/fbevents.js	96.5 KiB	34.2 KiB
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.7/config/TeX-AMS_HTML.js?V=2.7.7	53.1 KiB	29.9 KiB

Consider reducing the time spent parsing, compiling, and executing JS. You may find delivering smaller JS payloads helps with this. Learn how to reduce Javascript execution time.

Why this matters

Performance issues directly impact user engagement and conversion rates.

URL	Total CPU Time	Script Evaluation	Script Parse
uwaterloo.ca/	1.1 s	253 ms	25 ms
Unattributable	727 ms	43 ms	0.0 ms
/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fs...	585 ms	114 ms	22 ms
www.googletagmanager.com/gtm.js?id=GTM-M9XLVF	504 ms	431 ms	54 ms
www.googletagmanager.com/gtag/js?id=G-L2Z2MKPQ2G	483 ms	429 ms	48 ms
www.googletagmanager.com/gtag/js?id=G-W3BFRPSG9B&cx=c&gtm=4e64h1	378 ms	321 ms	54 ms
www.googletagmanager.com/gtag/destination?id=AW-869143110&cx=c&gtm=4e64h1	359 ms	306 ms	50 ms
www.googletagmanager.com/gtag/destination?id=AW-868082214&cx=c&gtm=4e64h1	291 ms	216 ms	73 ms
js-agent.newrelic.com/nr-spa-1.313.0.min.js	291 ms	221 ms	12 ms
www.googletagmanager.com/gtag/destination?id=AW-848079280&cx=c&gtm=4e64h1	272 ms	230 ms	39 ms
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.7/config/TeX-AMS_HTML.js?V=2.7.7	195 ms	151 ms	36 ms
connect.facebook.net/en_US/fbevents.js	192 ms	145 ms	47 ms
/signals/config/1633448083948715?v=2.9.303&r=stable&domai...	171 ms	153 ms	18 ms
www.google-analytics.com/analytics.js	84 ms	71 ms	5.3 ms
/sites/default/files/css/css_mvPXsrvEKREtRqwt2W6WaQZQ8ZCA...	80 ms	0.0 ms	0.0 ms
tags.srv.stackadapt.com/events.js	73 ms	63 ms	2.4 ms
snap.licdn.com/li.lms-analytics/insight.min.js	51 ms	45 ms	5.8 ms

Consider reducing the time spent parsing, compiling and executing JS. You may find delivering smaller JS payloads helps with this. Learn how to minimize main-thread work

Why this matters

Performance issues directly impact user engagement and conversion rates.

Category	Time Spent
Script Evaluation	3.3 s
Other	949 ms
Style & Layout	903 ms
Script Parsing & Compilation	510 ms
Garbage Collection	158 ms
Parse HTML & CSS	94 ms
Rendering	65 ms

More information about the performance of your application. These numbers don't directly affect the Performance score.

●Layout shift culprits

●Document request latency

●Optimize DOM size

●LCP breakdown

●Modern HTTP

●Optimize viewport for mobile

●Minify CSS

●Avoids enormous network payloads Total size was 1,761 KiB

●User Timing marks and measures 29 user timings

●Avoid long main-thread tasks 20 long tasks found

●Image elements have explicit `width` and `height`

●Page didn't prevent back/forward cache restoration

●Network Requests

●Network Round Trip Times 70 ms

●Server Backend Latencies 160 ms

●Tasks

●Diagnostics

●Metrics

●Screenshot Thumbnails

●Final Screenshot

●Script Treemap Data

●Resources Summary

●Avoid multiple page redirects

●Initial server response time was short Root document took 10 ms

●Avoid large layout shifts 15 layout shifts found

○INP breakdown

○Avoid non-composited animations

Accessibility

These checks highlight opportunities to improve the accessibility of your web app. Automatic detection can only detect a subset of issues and does not guarantee the accessibility of your web app, so manual testing is also encouraged.

ARIA

ARIA dialog elements without accessible names may prevent screen readers users from discerning the purpose of these elements. Learn how to make ARIA dialog elements more accessible.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Failing Elements
We use cookies on this site to enhance your user experience Select 'Accept all… `body.org-default > div#sliding-popup > div.eu-cookie-compliance-banner > div.popup-content`

These are opportunities to improve the usage of ARIA in your application which may enhance the experience for users of assistive technology, like a screen reader.

Navigation

Properly ordered headings that do not skip levels convey the semantic structure of the page, making it easier to navigate and understand when using assistive technologies. Learn more about heading order.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Failing Elements
Discover Waterloo by the numbers → `div.uw-text-align--center > div.uw-copy-text > div.uw-copy-text__wrapper > h3`

These are opportunities to improve keyboard navigation in your application.

○Interactive controls are keyboard focusable

○Interactive elements indicate their purpose and state

○The page has a logical tab order

○Visual order on the page follows DOM order

○User focus is not accidentally trapped in a region

○The user's focus is directed to new content added to the page

○HTML5 landmark elements are used to improve navigation

○Offscreen content is hidden from assistive technology

○Custom controls have associated labels

○Custom controls have ARIA roles

●`[aria-*]` attributes match their roles

●`[aria-hidden="true"]` is not present on the document `<body>`

●`[role]`s have all required `[aria-*]` attributes

●`[role]` values are valid

●`[aria-*]` attributes have valid values

●`[aria-*]` attributes are valid and not misspelled

●Buttons have an accessible name

●Image elements have `[alt]` attributes

●Form elements have associated labels

●`[user-scalable="no"]` is not used in the `<meta name="viewport">` element and the `[maximum-scale]` attribute is not less than 5.

●Select elements have associated label elements.

●`button`, `link`, and `menuitem` elements have accessible names

●ARIA attributes are used as specified for the element's role

●`[aria-hidden="true"]` elements do not contain focusable descendents

●Elements use only permitted ARIA attributes

●Background and foreground colors have a sufficient contrast ratio

●Document has a `<title>` element

●`<html>` element has a `[lang]` attribute

●`<html>` element has a valid value for its `[lang]` attribute

●Links are distinguishable without relying on color.

●Links have a discernible name

●Lists contain only `<li>` elements and script supporting elements (`<script>` and `<template>`).

●List items (`<li>`) are contained within `<ul>`, `<ol>` or `<menu>` parent elements

●No element has a `[tabindex]` value greater than 0

●Touch targets have sufficient size and spacing.

●`[lang]` attributes have a valid value

●Document has a main landmark.

●Deprecated ARIA roles were not used

○`[accesskey]` values are unique

○ARIA input fields have accessible names

○ARIA `meter` elements have accessible names

○ARIA `progressbar` elements have accessible names

○Elements with an ARIA `[role]` that require children to contain a specific `[role]` have all required children.

○`[role]`s are contained by their required parent element

○Elements with the `role=text` attribute do not have focusable descendents.

○ARIA toggle fields have accessible names

○ARIA `tooltip` elements have accessible names

○ARIA `treeitem` elements have accessible names

○The page contains a heading, skip link, or landmark region

○`<dl>`'s contain only properly-ordered `<dt>` and `<dd>` groups, `<script>`, `<template>` or `<div>` elements.

○Definition list items are wrapped in `<dl>` elements

○ARIA IDs are unique

○No form fields have multiple labels

○`<frame>` or `<iframe>` elements have a title

○`<html>` element has an `[xml:lang]` attribute with the same base language as the `[lang]` attribute.

○Input buttons have discernible text.

○`<input type="image">` elements have `[alt]` text

○The document does not use `<meta http-equiv="refresh">`

○`<object>` elements have alternate text

○Skip links are focusable.

○Cells in a `<table>` element that use the `[headers]` attribute refer to table cells within the same table.

○`<th>` elements and elements with `[role="columnheader"/"rowheader"]` have data cells they describe.

○`<video>` elements contain a `<track>` element with `[kind="captions"]`

○Tables have different content in the summary attribute and `<caption>`.

○All heading elements contain content.

○Uses ARIA roles only on compatible elements

○Image elements do not have `[alt]` attributes that are redundant text.

○Identical links have the same purpose.

○Elements with visible text labels have matching accessible names.

○Tables use `<caption>` instead of cells with the `[colspan]` attribute to indicate a caption.

○`<td>` elements in a large `<table>` have one or more table headers.

Best Practices

General

Deprecated APIs will eventually be removed from the browser. Learn more about deprecated APIs.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Deprecation / Warning	Source
AttributionReporting	snap.licdn.com/li.lms-analytics/insight.min.js

Errors logged to the console indicate unresolved problems. They can come from network request failures and other browser concerns. Learn more about this errors in console diagnostic audit

Why this matters

Performance issues directly impact user engagement and conversion rates.

Source Description

Source	Description
www.googletagmanager.com/gtm.js?id=GTM-M9XLVF line 244, col 482	Loading the script 'https://bat.bing.com/bat.js' violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://uwaterloo.ca https://.uwaterloo.ca https://maxcdn.bootstrapcdn.com https://.google.com https://.google-analytics.com https://.googleapis.com https://.gstatic.com https://.googletagmanager.com https://.googleusercontent.com https://.googleadservices.com https://.g.doubleclick.net https://6263835.fls.doubleclick.net https://ad.doubleclick.net https://14868352.fls.doubleclick.net https://cdnjs.cloudflare.com https://twitter.com https://.twitter.com https://.twimg.com https://.facebook.com https://.facebook.net https://scontent.xx.fbcdn.net https://.youtube.com https://.youtube-nocookie.com https://s.ytimg.com https://.livestream.com https://.webspellchecker.net https://cdn.mathjax.org https://.addtoany.com https://.vimeo.com https://.vimeocdn.com https://cdn.leafletjs.com https://cdn-geoweb.s3.amazonaws.com https://cdn.maptiks.com https://api.tiles.mapbox.com https://d591zijq8zntj.cloudfront.net https://.libanswers.com https://.libchat.com https://secure.skype.com https://cdn-akamai.mookie1.com https://.tiqcdn.com https://snap.licdn.com https://.ads.linkedin.com https://secure.adnxs.com https://public.tableau.com https://codepen.io https://cpwebassets.codepen.io https://static.codepen.io https://public.codepenassets.com https://app.powerbi.com https://s.yimg.com https://sp.analytics.yahoo.com https://chat.socialintents.com https://hcaptcha.com https://newassets.hcaptcha.com https://code.jquery.com https://experience.arcgis.com https://api.mapbox.com https://www.instagram.com https://vuejs.org https://cdn.jsdelivr.net https://js-agent.newrelic.com https://bam.nr-data.net https://us-central1-pantheon-psapps.cloudfunctions.net https://cdn.ckeditor.com https://netdna.bootstrapcdn.com https://.hotjar.com https://.hotjar.io https://.kuali.co https://drupal-oauth.mailchimp.com https://srv.stackadapt.com https://.srv.stackadapt.com https://qvdt3feo.com https://origin.acuityplatform.com https://e.acuityplatform.com https://*.clarity.ms https://c.bing.com https://www.redditstatic.com https://events.reddit.com https://wat-2.test.technolutions.net https://wat.test.technolutions.net https://fw.cdn.technolutions.net https://mx.technolutions.net https://wat-backup.test.technolutions.net https://slate-technolutions-net.cdn.technolutions.net https://grad-apply-uwaterloo-ca.cdn.technolutions.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback. The action has been blocked.

www.googletagmanager.com/gtm.js?id=GTM-M9XLVF line 244, col 482

Loading the script 'https://bat.bing.com/bat.js' violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://uwaterloo.ca https://*.uwaterloo.ca https://maxcdn.bootstrapcdn.com https://*.google.com https://*.google-analytics.com https://*.googleapis.com https://*.gstatic.com https://*.googletagmanager.com https://*.googleusercontent.com https://*.googleadservices.com https://*.g.doubleclick.net https://6263835.fls.doubleclick.net https://ad.doubleclick.net https://14868352.fls.doubleclick.net https://cdnjs.cloudflare.com https://twitter.com https://*.twitter.com https://*.twimg.com https://*.facebook.com https://*.facebook.net https://scontent.xx.fbcdn.net https://*.youtube.com https://*.youtube-nocookie.com https://s.ytimg.com https://*.livestream.com https://*.webspellchecker.net https://cdn.mathjax.org https://*.addtoany.com https://*.vimeo.com https://*.vimeocdn.com https://cdn.leafletjs.com https://cdn-geoweb.s3.amazonaws.com https://cdn.maptiks.com https://api.tiles.mapbox.com https://d591zijq8zntj.cloudfront.net https://*.libanswers.com https://*.libchat.com https://secure.skype.com https://cdn-akamai.mookie1.com https://*.tiqcdn.com https://snap.licdn.com https://*.ads.linkedin.com https://secure.adnxs.com https://public.tableau.com https://codepen.io https://cpwebassets.codepen.io https://static.codepen.io https://public.codepenassets.com https://app.powerbi.com https://s.yimg.com https://sp.analytics.yahoo.com https://chat.socialintents.com https://hcaptcha.com https://newassets.hcaptcha.com https://code.jquery.com https://experience.arcgis.com https://api.mapbox.com https://www.instagram.com https://vuejs.org https://cdn.jsdelivr.net https://js-agent.newrelic.com https://bam.nr-data.net https://us-central1-pantheon-psapps.cloudfunctions.net https://cdn.ckeditor.com https://netdna.bootstrapcdn.com https://*.hotjar.com https://*.hotjar.io https://*.kuali.co https://drupal-oauth.mailchimp.com https://srv.stackadapt.com https://*.srv.stackadapt.com https://qvdt3feo.com https://origin.acuityplatform.com https://e.acuityplatform.com https://*.clarity.ms https://c.bing.com https://www.redditstatic.com https://events.reddit.com https://wat-2.test.technolutions.net https://wat.test.technolutions.net https://fw.cdn.technolutions.net https://mx.technolutions.net https://wat-backup.test.technolutions.net https://slate-technolutions-net.cdn.technolutions.net https://grad-apply-uwaterloo-ca.cdn.technolutions.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback. The action has been blocked.

Issues logged to the `Issues` panel in Chrome Devtools indicate unresolved problems. They can come from network request failures, insufficient security controls, and other browser concerns. Open up the Issues panel in Chrome DevTools for more details on each issue.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Issue type
Content security policy

●Uses HTTPS

●Avoids third-party cookies

●Allows users to paste into input fields

●Avoids requesting the geolocation permission on page load

●Avoids requesting the notification permission on page load

●Displays images with correct aspect ratio

●Serves images with appropriate resolution

●Page has the HTML doctype

●Properly defines charset

●Ensure CSP is effective against XSS attacks

●Use a strong HSTS policy

●Ensure proper origin isolation with COOP

●Mitigate DOM-based XSS with Trusted Types

●Detected JavaScript libraries

●Page has valid source maps

○Redirects HTTP traffic to HTTPS

○Mitigate clickjacking with XFO or CSP

100

SEO

These checks ensure that your page is following basic search engine optimization advice. There are many additional factors Lighthouse does not score here that may affect your search ranking, including performance on Core Web Vitals. Learn more about Google Search Essentials.

○Structured data is valid

●Page isn’t blocked from indexing

●Document has a `<title>` element

●Document has a meta description

●Page has successful HTTP status code

●Links have descriptive text

●Links are crawlable

●Image elements have `[alt]` attributes

●Document has a valid `hreflang`

●Document has a valid `rel=canonical`

○robots.txt is valid

Lighthouse Scores

Industry-standard audits powered by Google Lighthouse. — Desktop

Performance

Accessibility

Best Practices

100

SEO

Core Web Vitals

Key metrics that affect user experience. — Desktop

First Contentful Paint First Contentful Paint — how long until the browser renders the first piece of content. Under 1.8s is good.

660 ms

Largest Contentful Paint Largest Contentful Paint — how long until the largest visible element loads. Under 2.5s is good.

1.09 s

Total Blocking Time Total Blocking Time — total time the main thread was blocked, preventing user input. Under 200ms is good.

184 ms

Cumulative Layout Shift Cumulative Layout Shift — measures visual stability. How much the page layout shifts during loading. Under 0.1 is good.

0.012

Speed Index Speed Index — how quickly content is visually displayed during load. Under 3.4s is good.

968 ms

Time to Interactive Time to Interactive — how long until the page is fully interactive and responds to user input. Under 3.8s is good.

3.31 s

Detailed Report

Audit breakdown by category with detailed findings.

Performance

Insights

Remove large, duplicate JavaScript modules from bundles to reduce unnecessary bytes consumed by network activity.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Why this matters

Shipping ES5 transpiled code to modern browsers wastes bytes — every user with an evergreen browser pays for compatibility you don't need.

Learn more ▾

Source: Google web.dev / Lighthouse

3rd party code can significantly impact load performance. Reduce and defer loading of 3rd party code to prioritize your page's content.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Consider setting font-display to swap or optional to ensure text is consistently visible. swap can be further optimized to mitigate layout shifts with font metric overrides.

Why this matters

Performance issues directly impact user engagement and conversion rates.

URL	Est Savings
uwaterloo.ca/fonts/Bureau_Grot-Condensed_Book.woff2	25 ms
uwaterloo.ca/fonts/lineto-typ1451-regular.woff2	20 ms
uwaterloo.ca/fonts/Bureau_Grot-Book.woff2	15 ms
uwaterloo.ca/fonts/Bureau_Grot-Condensed_Bold.woff2	15 ms
uwaterloo.ca/fonts/Bureau_Grot-Light.woff2	10 ms
uwaterloo.ca/fonts/lineto-typ1451-medium.woff2	10 ms

Why this matters

Performance issues directly impact user engagement and conversion rates.

headings: [map[key:source label:Top function call valueType:source-location] map[granularity:1 key:reflowTime label:Total reflow time valueType:ms]]

items: [map[reflowTime:7.301 source:map[column:8495 line:5 type:source-location url:https://uwaterloo.ca/ urlProvider:network]]]

headings: [map[key:source label:Source valueType:source-location] map[granularity:1 key:reflowTime label:Total reflow time valueType:ms]]

items: [map[reflowTime:158.892 source:map[type:text value:[unattributed]]] map[reflowTime:3.315 source:map[column:52061 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:1.005 source:map[column:52780 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:0.216 source:map[column:52838 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:0.226 source:map[column:52902 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:0.538 source:map[column:56721 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:0.726 source:map[column:52083 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]] map[reflowTime:1.275 source:map[column:53815 line:1 type:source-location url:https://uwaterloo.ca/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fsTngk57D3Bl9BY.js urlProvider:network]]]

Reducing the download time of images can improve the perceived load time of the page and LCP. Learn more about optimizing image size

Why this matters

Performance issues directly impact user engagement and conversion rates.

	URL	Resource Size	Est Savings
Dr. Sarah Burch walking across Waterloo campus `div.uw-waterloo-news > div.uw-waterloo-news__featured > picture.uw-picture > img.uw-picture__fallback`	/sites/default/files/styles/uw_is_media_x_large/public/up...	116.8 KiB	92.1 KiB
Aerial view of campus with yellow checkmark `a > div.card__banner--media > picture.uw-picture > img.uw-picture__fallback`	/sites/default/files/styles/uw_is_media_x_large/public/up...	107.4 KiB	62.5 KiB

Optimize LCP by making the LCP image discoverable from the HTML immediately, and avoiding lazy-loading

Why this matters

Performance issues directly impact user engagement and conversion rates.

lhId: page-2-IMG

nodeLabel: Professor teaching a student with VO2 max machine

path: 1,HTML,1,BODY,5,DIV,0,DIV,2,MAIN,0,DIV,0,DIV,0,ARTICLE,0,DIV,0,DIV,0,ARTICLE,0,DIV,0,ARTICLE,0,DIV,0,DIV,0,A,1,DIV,0,PICTURE,8,IMG

selector: a > div.card__banner--media > picture.uw-picture > img.uw-picture__fallback

snippet: <img class="uw-picture__fallback" src="https://uwaterloo.ca/sites/default/files/styles/uw_is_media_x_large/public…" alt="Professor teaching a student with VO2 max machine">

Avoid chaining critical requests by reducing the length of chains, reducing the download size of resources, or deferring the download of unnecessary resources to improve page load.

Why this matters

Performance issues directly impact user engagement and conversion rates.

title: Preconnected origins

description: Add [preconnect](https://developer.chrome.com/docs/lighthouse/performance/uses-rel-preconnect/) hints to your most important origins, but try to use no more than 4.

title: Preconnect candidates

value: No additional origins are good candidates for preconnecting

Requests are blocking the page's initial render, which may delay LCP. Deferring or inlining can move these network requests out of the critical path.

Why this matters

Performance issues directly impact user engagement and conversion rates.

URL	Transfer Size	Duration
/sites/default/files/css/css_mvPXsrvEKREtRqwt2W6WaQZQ8ZCA...	131.0 KiB	244 ms
/sites/default/files/css/css_yYIob_JSc1msF-q-DpGs3SxT09DU...	4.7 KiB

A long cache lifetime can speed up repeat visits to your page. Learn more about caching.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Request	Cache TTL	Transfer Size
connect.facebook.net/en_US/fbevents.js	1200.0 s	96.6 KiB
/signals/config/1633448083948715?v=2.9.303&r=stable&domai...	1200.0 s	44.5 KiB
www.google-analytics.com/analytics.js	7200.0 s	20.8 KiB
tags.srv.stackadapt.com/events.js	5.0 s	7.7 KiB
snap.licdn.com/li.lms-analytics/insight.min.js	86400.0 s	18.7 KiB
origin.acuityplatform.com/event/v2/pixel.js	0.0 ms	2.7 KiB
wat.test.technolutions.net/ping	1794.0 s	966 B
/collect?v=2&fmt=js&pid=6710970&time=1776802408163&li_ads...	0.0 ms	272 B
/tr/?id=1633448083948715&ev=PageView&dl=https%3A%2F%2Fuwa...	0.0 ms	16 B

These insights are also available in the Chrome DevTools Performance Panel - record a trace to view more detailed information.

Time to Interactive is the amount of time it takes for the page to become fully interactive. Learn more about the Time to Interactive metric.

Why this matters

Performance issues directly impact user engagement and conversion rates.

TTI

Diagnostics

Minifying JavaScript files can reduce payload sizes and script parse time. Learn how to minify JavaScript.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Estimated savings: 40 ms 10.2 KiB

URL	Transfer Size	Est Savings
/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fs...	71.9 KiB	10.2 KiB

Reduce unused rules from stylesheets and defer CSS not used for above-the-fold content to decrease bytes consumed by network activity. Learn how to reduce unused CSS.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Estimated savings: 80 ms 118.7 KiB

URL	Transfer Size	Est Savings
/sites/default/files/css/css_mvPXsrvEKREtRqwt2W6WaQZQ8ZCA...	129.0 KiB	118.7 KiB

Reduce unused JavaScript and defer loading scripts until they are required to decrease bytes consumed by network activity. Learn how to reduce unused JavaScript.

Why this matters

Multi-megabyte JavaScript bundles delay every interactive feature on the page.

Learn more ▾

Source: Google web.dev / Lighthouse

Estimated savings: 40 ms 487.0 KiB

URL	Transfer Size	Est Savings
www.googletagmanager.com/gtag/destination?id=AW-869143110&cx=c&gtm=4e64h1	170.1 KiB	67.9 KiB
www.googletagmanager.com/gtm.js?id=GTM-M9XLVF	175.3 KiB	67.5 KiB
www.googletagmanager.com/gtag/js?id=G-L2Z2MKPQ2G	155.4 KiB	64.6 KiB
www.googletagmanager.com/gtag/destination?id=AW-848079280&cx=c&gtm=4e64h1	145.6 KiB	61.7 KiB
www.googletagmanager.com/gtag/js?id=G-W3BFRPSG9B&cx=c&gtm=4e64h1	171.9 KiB	60.8 KiB
www.googletagmanager.com/gtag/destination?id=AW-868082214&cx=c&gtm=4e64h1	134.1 KiB	58.7 KiB
/sites/default/files/js/js_K0AVs7DJKR_a7_Vk27HZOpkH8tP2fs...	71.9 KiB	41.2 KiB
connect.facebook.net/en_US/fbevents.js	96.5 KiB	34.6 KiB
cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.7/config/TeX-AMS_HTML.js?V=2.7.7	53.1 KiB	29.9 KiB

More information about the performance of your application. These numbers don't directly affect the Performance score.

●Max Potential First Input Delay 110 ms

●Layout shift culprits

●Document request latency

●Optimize DOM size

●LCP breakdown

●Modern HTTP

●Optimize viewport for mobile

●Minify CSS

●Avoids enormous network payloads Total size was 1,997 KiB

●User Timing marks and measures 29 user timings

●JavaScript execution time 0.8 s

●Minimizes main-thread work 1.6 s

●Avoid long main-thread tasks 7 long tasks found

●Avoid non-composited animations 5 animated elements found

●Image elements have explicit `width` and `height`

●Page didn't prevent back/forward cache restoration

●Network Requests

●Network Round Trip Times 70 ms

●Server Backend Latencies 90 ms

●Tasks

●Diagnostics

●Metrics

●Screenshot Thumbnails

●Final Screenshot

●Script Treemap Data

●Resources Summary

●Avoid multiple page redirects

●Initial server response time was short Root document took 10 ms

●Avoid large layout shifts 15 layout shifts found

○INP breakdown

Accessibility

ARIA

ARIA dialog elements without accessible names may prevent screen readers users from discerning the purpose of these elements. Learn how to make ARIA dialog elements more accessible.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Failing Elements
We use cookies on this site to enhance your user experience Select 'Accept all… `body.org-default > div#sliding-popup > div.eu-cookie-compliance-banner > div.popup-content`

These are opportunities to improve the usage of ARIA in your application which may enhance the experience for users of assistive technology, like a screen reader.

Navigation

Why this matters

Performance issues directly impact user engagement and conversion rates.

Failing Elements
Discover Waterloo by the numbers → `div.uw-text-align--center > div.uw-copy-text > div.uw-copy-text__wrapper > h3`

These are opportunities to improve keyboard navigation in your application.

○Interactive controls are keyboard focusable

○Interactive elements indicate their purpose and state

○The page has a logical tab order

○Visual order on the page follows DOM order

○User focus is not accidentally trapped in a region

○The user's focus is directed to new content added to the page

○HTML5 landmark elements are used to improve navigation

○Offscreen content is hidden from assistive technology

○Custom controls have associated labels

○Custom controls have ARIA roles

●`[aria-*]` attributes match their roles

●`[aria-hidden="true"]` is not present on the document `<body>`

●`[role]`s have all required `[aria-*]` attributes

●`[role]` values are valid

●`[aria-*]` attributes have valid values

●`[aria-*]` attributes are valid and not misspelled

●Buttons have an accessible name

●Image elements have `[alt]` attributes

●Input buttons have discernible text.

●Form elements have associated labels

●`[user-scalable="no"]` is not used in the `<meta name="viewport">` element and the `[maximum-scale]` attribute is not less than 5.

●Select elements have associated label elements.

●ARIA attributes are used as specified for the element's role

●`[aria-hidden="true"]` elements do not contain focusable descendents

●Elements use only permitted ARIA attributes

●Background and foreground colors have a sufficient contrast ratio

●Document has a `<title>` element

●`<html>` element has a `[lang]` attribute

●`<html>` element has a valid value for its `[lang]` attribute

●Links are distinguishable without relying on color.

●Links have a discernible name

●Lists contain only `<li>` elements and script supporting elements (`<script>` and `<template>`).

●List items (`<li>`) are contained within `<ul>`, `<ol>` or `<menu>` parent elements

●No element has a `[tabindex]` value greater than 0

●Touch targets have sufficient size and spacing.

●`[lang]` attributes have a valid value

●Document has a main landmark.

●Deprecated ARIA roles were not used

○`[accesskey]` values are unique

○`button`, `link`, and `menuitem` elements have accessible names

○ARIA input fields have accessible names

○ARIA `meter` elements have accessible names

○ARIA `progressbar` elements have accessible names

○Elements with an ARIA `[role]` that require children to contain a specific `[role]` have all required children.

○`[role]`s are contained by their required parent element

○Elements with the `role=text` attribute do not have focusable descendents.

○ARIA toggle fields have accessible names

○ARIA `tooltip` elements have accessible names

○ARIA `treeitem` elements have accessible names

○The page contains a heading, skip link, or landmark region

○`<dl>`'s contain only properly-ordered `<dt>` and `<dd>` groups, `<script>`, `<template>` or `<div>` elements.

○Definition list items are wrapped in `<dl>` elements

○ARIA IDs are unique

○No form fields have multiple labels

○`<frame>` or `<iframe>` elements have a title

○`<html>` element has an `[xml:lang]` attribute with the same base language as the `[lang]` attribute.

○`<input type="image">` elements have `[alt]` text

○The document does not use `<meta http-equiv="refresh">`

○`<object>` elements have alternate text

○Skip links are focusable.

○Cells in a `<table>` element that use the `[headers]` attribute refer to table cells within the same table.

○`<th>` elements and elements with `[role="columnheader"/"rowheader"]` have data cells they describe.

○`<video>` elements contain a `<track>` element with `[kind="captions"]`

○Tables have different content in the summary attribute and `<caption>`.

○All heading elements contain content.

○Uses ARIA roles only on compatible elements

○Image elements do not have `[alt]` attributes that are redundant text.

○Identical links have the same purpose.

○Elements with visible text labels have matching accessible names.

○Tables use `<caption>` instead of cells with the `[colspan]` attribute to indicate a caption.

○`<td>` elements in a large `<table>` have one or more table headers.

Best Practices

General

Deprecated APIs will eventually be removed from the browser. Learn more about deprecated APIs.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Deprecation / Warning	Source
AttributionReporting	snap.licdn.com/li.lms-analytics/insight.min.js

Errors logged to the console indicate unresolved problems. They can come from network request failures and other browser concerns. Learn more about this errors in console diagnostic audit

Why this matters

Performance issues directly impact user engagement and conversion rates.

Source Description

Source	Description
www.googletagmanager.com/gtm.js?id=GTM-M9XLVF line 244, col 482	Loading the script 'https://bat.bing.com/bat.js' violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://uwaterloo.ca https://.uwaterloo.ca https://maxcdn.bootstrapcdn.com https://.google.com https://.google-analytics.com https://.googleapis.com https://.gstatic.com https://.googletagmanager.com https://.googleusercontent.com https://.googleadservices.com https://.g.doubleclick.net https://6263835.fls.doubleclick.net https://ad.doubleclick.net https://14868352.fls.doubleclick.net https://cdnjs.cloudflare.com https://twitter.com https://.twitter.com https://.twimg.com https://.facebook.com https://.facebook.net https://scontent.xx.fbcdn.net https://.youtube.com https://.youtube-nocookie.com https://s.ytimg.com https://.livestream.com https://.webspellchecker.net https://cdn.mathjax.org https://.addtoany.com https://.vimeo.com https://.vimeocdn.com https://cdn.leafletjs.com https://cdn-geoweb.s3.amazonaws.com https://cdn.maptiks.com https://api.tiles.mapbox.com https://d591zijq8zntj.cloudfront.net https://.libanswers.com https://.libchat.com https://secure.skype.com https://cdn-akamai.mookie1.com https://.tiqcdn.com https://snap.licdn.com https://.ads.linkedin.com https://secure.adnxs.com https://public.tableau.com https://codepen.io https://cpwebassets.codepen.io https://static.codepen.io https://public.codepenassets.com https://app.powerbi.com https://s.yimg.com https://sp.analytics.yahoo.com https://chat.socialintents.com https://hcaptcha.com https://newassets.hcaptcha.com https://code.jquery.com https://experience.arcgis.com https://api.mapbox.com https://www.instagram.com https://vuejs.org https://cdn.jsdelivr.net https://js-agent.newrelic.com https://bam.nr-data.net https://us-central1-pantheon-psapps.cloudfunctions.net https://cdn.ckeditor.com https://netdna.bootstrapcdn.com https://.hotjar.com https://.hotjar.io https://.kuali.co https://drupal-oauth.mailchimp.com https://srv.stackadapt.com https://.srv.stackadapt.com https://qvdt3feo.com https://origin.acuityplatform.com https://e.acuityplatform.com https://*.clarity.ms https://c.bing.com https://www.redditstatic.com https://events.reddit.com https://wat-2.test.technolutions.net https://wat.test.technolutions.net https://fw.cdn.technolutions.net https://mx.technolutions.net https://wat-backup.test.technolutions.net https://slate-technolutions-net.cdn.technolutions.net https://grad-apply-uwaterloo-ca.cdn.technolutions.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback. The action has been blocked.

www.googletagmanager.com/gtm.js?id=GTM-M9XLVF line 244, col 482

Loading the script 'https://bat.bing.com/bat.js' violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://uwaterloo.ca https://*.uwaterloo.ca https://maxcdn.bootstrapcdn.com https://*.google.com https://*.google-analytics.com https://*.googleapis.com https://*.gstatic.com https://*.googletagmanager.com https://*.googleusercontent.com https://*.googleadservices.com https://*.g.doubleclick.net https://6263835.fls.doubleclick.net https://ad.doubleclick.net https://14868352.fls.doubleclick.net https://cdnjs.cloudflare.com https://twitter.com https://*.twitter.com https://*.twimg.com https://*.facebook.com https://*.facebook.net https://scontent.xx.fbcdn.net https://*.youtube.com https://*.youtube-nocookie.com https://s.ytimg.com https://*.livestream.com https://*.webspellchecker.net https://cdn.mathjax.org https://*.addtoany.com https://*.vimeo.com https://*.vimeocdn.com https://cdn.leafletjs.com https://cdn-geoweb.s3.amazonaws.com https://cdn.maptiks.com https://api.tiles.mapbox.com https://d591zijq8zntj.cloudfront.net https://*.libanswers.com https://*.libchat.com https://secure.skype.com https://cdn-akamai.mookie1.com https://*.tiqcdn.com https://snap.licdn.com https://*.ads.linkedin.com https://secure.adnxs.com https://public.tableau.com https://codepen.io https://cpwebassets.codepen.io https://static.codepen.io https://public.codepenassets.com https://app.powerbi.com https://s.yimg.com https://sp.analytics.yahoo.com https://chat.socialintents.com https://hcaptcha.com https://newassets.hcaptcha.com https://code.jquery.com https://experience.arcgis.com https://api.mapbox.com https://www.instagram.com https://vuejs.org https://cdn.jsdelivr.net https://js-agent.newrelic.com https://bam.nr-data.net https://us-central1-pantheon-psapps.cloudfunctions.net https://cdn.ckeditor.com https://netdna.bootstrapcdn.com https://*.hotjar.com https://*.hotjar.io https://*.kuali.co https://drupal-oauth.mailchimp.com https://srv.stackadapt.com https://*.srv.stackadapt.com https://qvdt3feo.com https://origin.acuityplatform.com https://e.acuityplatform.com https://*.clarity.ms https://c.bing.com https://www.redditstatic.com https://events.reddit.com https://wat-2.test.technolutions.net https://wat.test.technolutions.net https://fw.cdn.technolutions.net https://mx.technolutions.net https://wat-backup.test.technolutions.net https://slate-technolutions-net.cdn.technolutions.net https://grad-apply-uwaterloo-ca.cdn.technolutions.net". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback. The action has been blocked.

Why this matters

Performance issues directly impact user engagement and conversion rates.

Issue type
Content security policy

●Uses HTTPS

●Avoids third-party cookies

●Allows users to paste into input fields

●Avoids requesting the geolocation permission on page load

●Avoids requesting the notification permission on page load

●Displays images with correct aspect ratio

●Serves images with appropriate resolution

●Page has the HTML doctype

●Properly defines charset

●Ensure CSP is effective against XSS attacks

●Use a strong HSTS policy

●Ensure proper origin isolation with COOP

●Mitigate DOM-based XSS with Trusted Types

●Detected JavaScript libraries

●Page has valid source maps

○Redirects HTTP traffic to HTTPS

○Mitigate clickjacking with XFO or CSP

100

SEO

○Structured data is valid

●Page isn’t blocked from indexing

●Document has a `<title>` element

●Document has a meta description

●Page has successful HTTP status code

●Links have descriptive text

●Links are crawlable

●Image elements have `[alt]` attributes

●Document has a valid `hreflang`

●Document has a valid `rel=canonical`

○robots.txt is valid

Results for https://uwaterloo.ca

Site Health

How you compare

Top Priorities (5)

Fix Priority Matrix

Quick Wins

Strategic

Easy Improvements

Deprioritize

What fixing these means

Conversion Barriers

Speed (2)

Trust (2)

Usability (1)

Content (2)

Navigation (1)

Return on Investment

Investment

Monthly returns

Regulatory risk avoided

Payback period

Estimated Remediation Cost

Cost by category

Cost by effort level

What Inaction Is Costing You

Compliance Risk

Bandwidth Waste

Lighthouse Scores

Core Web Vitals

Detailed Report

Performance

Insights

Diagnostics

Accessibility

ARIA

Navigation

Best Practices

General

SEO

Lighthouse Scores

Core Web Vitals

Detailed Report

Performance

Insights

Diagnostics

Accessibility

ARIA

Navigation

Best Practices

General

SEO

Keyboard Shortcuts