This tool runs entirely in your browser and requires JavaScript. Please enable JavaScript to use it. No data is uploaded.

Free, browser-based utilities for everyday developer workflows

Paste raw HTTP response headers (one per line)

no input

Critical-

High-

Medium-

Low-

Passing-

Scores follow Mozilla Observatory–style deductions. Bonus points apply for modern isolation headers (COOP/COEP/CORP, Permissions-Policy).

Plain-text report

HTTP Security Headers Analyzer

How to use HTTP Security Headers Analyzer