Run a free test of a website’s HTTP headers and learn how it performs from a security perspective!

Checks for the following headers and their values:

  • Access Control Allow Origin
  • Content Security Policy
  • Cross Domain Meta Policy
  • NoSniff
  • Server Information
  • Strict Transport Security
  • UTF-8 Character Encoding
  • X-Frame-Options
  • X-Powered-By
  • X-XSS-Protection →

Elsewhere , ,

One Response to

  1. scorp13 says:

    Decided to sort out with my server’s settings. The biggest problem turned out the Content-Security-Policy header — a difficult choice between the security and convenience of using third-party libraries.

Leave a Reply

Your email address will not be published. Required fields are marked *