Chrome extension that allows the inspection of security aspects of a site's HTTP headers, cookies and other key security settings.
A security extension for non security experts and experts alike. Ideal for developers and quality assurance testers who quickly want to identify issues that would enhance the security of their web applications. This extension allows you to quickly see the security attributes of: - Security relevant HTTP headers returned from the web server. - Cookies for the site currently being viewed. - Page meta headers that replicate HTTP security header functionality. - HTML form and element auto-complete status. Full explanations of the issues found are provided via context help. Also included are notes around any considerations before attempting resolution and details of the best practice configurations. For advanced users there are also further details available (accessed via the green plus icons) showing: - All HTTP headers: full listing of the headers returned, with highlighting. - All Cookies: full listing of the cookies and their attributes for the site currently being viewed.
- (2015-07-29) Ivano: Provides some useful information but doesn't detect the headers properly: often flags the headers as "Not returned" even though they are.
- (2014-01-26) Royce Williams: A one-stop shop for a variety of web-development security checks. A work in progress, and great work so far!
- (2013-10-17) Carlos Fernandez San Millan: I really found it helpful . I strongly recommend it. I agree that having it integrated with Chrome DevTools would make it even better. Thank you and keep up the work!
- (2013-08-13) Jason Karns: Would be better if it used a panel in Chrome DevTools. The information provided is quite useful, but the toolbar popup is clunky. Hard to really digest the info in such small screen real estate.
- (2018-01-26, v:18.104.22.168) Ali Price: collaboration
Hi if you are interested in collaboration, please text me [email protected]