LaunchWithDilip ToolsSecurity Headers Checker
● BROWSER SECURITY POLICY

Check the headers browsers
use to defend users.

Review HSTS, Content Security Policy, frame protection, nosniff, Referrer-Policy, and Permissions-Policy after safe redirects.

Only public HTTP/HTTPS URLs on standard ports are supported. Query strings and fragments are removed before inspection and display.

How to interpret this check

Presence is not perfection

A header can exist and still be too permissive for a specific application. Treat this as evidence, not a formal security audit.

Final response matters

The checker follows safe redirects and scores the final response because that is what browsers actually render.

Policy rollout needs care

Headers like CSP and HSTS should be tested before strict rollout to avoid breaking legitimate site behavior.