HTTP Security Header Checker

One-click security header analysis with scoring and fix suggestions for web developers and security engineers

HTTP Security Header Checker is a one-click security analysis tool that inspects HTTP response headers on any website and gives you an actionable security report. 🔍 WHAT IT DOES • Scans 18 security headers in a single click • Grades your site from A+ to F based on weighted severity scoring • Detects missing, misconfigured, and information-leaking headers • Provides exact fix suggestions with recommended header values 📋 HEADERS CHECKED High Severity: Content-Security-Policy (CSP), HSTS, X-Content-Type-Options, X-Frame-Options, Set-Cookie attributes Medium Severity: Referrer-Policy, Permissions-Policy, X-XSS-Protection, COOP, CORP, Cache-Control Low Severity: COEP, CSP-Report-Only, X-Permitted-Cross-Domain-Policies, Pragma Info Leak Detection: Server version exposure, X-Powered-By disclosure ✨ KEY FEATURES • Instant A+ to F security grade • Color-coded header status (green=good, red=problem) • Detailed issue explanations for each missing/misconfigured header • Copy full report as Markdown for documentation • Save reports as Word (.doc) or HTML files • Scan history — browse your last 50 results • Works offline — all analysis runs locally in your browser 🎯 WHO IT'S FOR Web developers securing their sites • Security engineers doing quick audits • DevOps checking deployment configs • Anyone who wants a fast security health check 🔒 PRIVACY No data is collected. No data is sent to external servers. All analysis happens entirely in your browser using local storage only. HOW TO USE 1. Install the extension 2. Visit any website 3. Click the extension icon in your toolbar 4. Click "Scan" — results appear instantly 5. Click any header row for details and fix suggestions