📨 HTTP Header Analyzer
Analyze HTTP response headers from any URL. Check security headers, caching policies, CORS settings, and server information.
What are HTTP Security Headers?
HTTP security headers are directives sent by a web server in its response to instruct the browser on how to handle the page content. They help protect against common web vulnerabilities such as cross-site scripting (XSS), clickjacking, and data injection attacks.
Key Security Headers
| Header | Description |
|---|---|
| Strict-Transport-Security | Forces HTTPS connections, preventing protocol downgrade attacks |
| Content-Security-Policy | Controls which resources the browser is allowed to load |
| X-Frame-Options | Prevents the page from being embedded in iframes (clickjacking protection) |
| X-Content-Type-Options | Prevents MIME-type sniffing, reducing drive-by download attacks |
| Referrer-Policy | Controls how much referrer information is sent with requests |
| Permissions-Policy | Restricts which browser features the page can use (camera, microphone, etc.) |