Secure website but security not optimal!

CloudFlare security not optimal: https://sritest.io/#report/ae9e4ded-da87-4e6b-b203-ced66306b0d4 (Site has PFS)
See: -http://strawpoll.me
Detected libraries:
angularjs - 1.4.3 : -https://ajax.googleapis.com/ajax/libs/angularjs/1.4.3/angular.min.js
Info: Severity: low
https://github.com/angular/angular.js/blob/master/CHANGELOG.md
1 vulnerable library detected - Read: http://geekswithblogs.net/alexhildyard/archive/2016/02/23/simple-generic-crud-with-angularjs-parse-and-bootstrap.aspx

Consider also: https://www.eff.org/https-everywhere/atlas/domains/strawpoll.me.html
Only minor issues: http://www.dnsinspect.com/strawpoll.me/1459193619
See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fstatic.strawpoll.me%2Fscripts%2Flib%2Fd3%2Fd3.min.js

Page tries to launch script from non-verified sources

pol

For backgrounds, read here: http://www.theregister.co.uk/2016/03/24/see_a_pin_and_pick_it_up_for_the_sake_of_security/
and specifically here: https://www.w3.org/TR/upgrade-insecure-requests/

polonus