http-headers
ActiveTool of The Stall
HTTP response headers inspector and security grader. Fetches headers from any public URL and evaluates OWASP-recommended security headers: HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy. Returns raw headers, per-header security findings, overall grade (A–F), and actionable recommendations. Useful for web app security audits, CDN configuration verification, and compliance checks.
Parameters schema
{
"type": "object",
"$schema": "http://json-schema.org/draft-07/schema#",
"properties": {
"url": {
"type": "string",
"description": "Public HTTP/HTTPS URL to inspect. Redirects are followed."
},
"include_all_headers": {
"type": "boolean",
"description": "If true, return all response headers (not just security-relevant ones). Default: false."
}
},
"additionalProperties": false
}No endpoints wrapped at confidence ≥ 0.70.
Parent server
The Stall
1/7 registries