Security Headers Checklist

Check raw response headers for common security headers and summarize missing items.

About This Tool

Paste response headers and quickly see which common security headers are present or missing.

Use it as a lightweight review companion before a release or while debugging edge/CDN responses.

Output

Present strict-transport-security
Present content-security-policy
Present x-content-type-options
Present referrer-policy
Missing permissions-policy - Permissions-Policy is missing.

Score

80%

Present

Missing

How to Use

1
Enter the values you need or paste your text into the input area.
2
Adjust any options, units, or settings for your exact use case.
3
Review the result and copy it into your document, workflow, or next task.

Features

Instant Results

Outputs update directly in the browser as you enter values.

Browser-Based Processing

Your inputs are handled locally and are not uploaded for calculation.

Simple Inputs

Clear fields and readable outputs keep repeat tasks fast.

Free to Use

Use the tool immediately with no sign-up or installation.

Common use cases

›Check copied headers from browser DevTools or curl.
›Spot missing HSTS, CSP, or referrer policy headers.
›Create a simple release checklist for frontend deployments.

Related Tools

HTTP Header Normalizer

Normalize raw HTTP headers, find duplicates, and flag missing common security headers.

CSP Audit Helper

Parse a Content-Security-Policy header and flag risky directives such as unsafe-inline and missing base-uri.

Set-Cookie Header Parser

Parse Set-Cookie headers and review Secure, HttpOnly, SameSite, Max-Age, and Path attributes.

Developer Tools

QR Code Generator Password Generator JSON Formatter & Validator Hash Generator UUID Generator Unix Timestamp Converter