Download Latest Version v1.1.1 source code.tar.gz (38.7 kB)
Email in envelope

Get an email when there's a new version of security-headers

Home / v1.0.0
Name Modified Size InfoDownloads / Week
Parent folder
README.md 2026-04-08 908 Bytes
v1.0.0 source code.tar.gz 2026-04-08 31.4 kB
v1.0.0 source code.zip 2026-04-08 50.1 kB
Totals: 3 Items   82.4 kB 0

@trustyourwebsite/security-headers v1.0.0

Zero-dependency Node.js tool that grades website security headers with A+ to F scoring.

Features

  • 11 security headers analyzed: HSTS, CSP, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy, X-XSS-Protection, COOP, CORP, COEP, Cache-Control
  • Information disclosure detection: Server, X-Powered-By, X-AspNet-Version
  • Robust CSP parser with directive-level analysis
  • A+ to F grading with severity-weighted scoring
  • 4 output formats: table, JSON, text, CSV
  • CI-friendly: --ci --min-grade B exits with code 1 if below threshold
  • Library API: checkHeaders(url) for programmatic use
  • Zero runtime dependencies — Node.js stdlib only

Usage

:::bash
npx @trustyourwebsite/security-headers https://example.com

Full docs: https://github.com/trustyourwebsite/security-headers#readme

Source: README.md, updated 2026-04-08