| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| README.md | 2026-04-08 | 908 Bytes | |
| v1.0.0 source code.tar.gz | 2026-04-08 | 31.4 kB | |
| v1.0.0 source code.zip | 2026-04-08 | 50.1 kB | |
| Totals: 3 Items | 82.4 kB | 0 | |
@trustyourwebsite/security-headers v1.0.0
Zero-dependency Node.js tool that grades website security headers with A+ to F scoring.
Features
- 11 security headers analyzed: HSTS, CSP, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy, X-XSS-Protection, COOP, CORP, COEP, Cache-Control
- Information disclosure detection: Server, X-Powered-By, X-AspNet-Version
- Robust CSP parser with directive-level analysis
- A+ to F grading with severity-weighted scoring
- 4 output formats: table, JSON, text, CSV
- CI-friendly:
--ci --min-grade Bexits with code 1 if below threshold - Library API:
checkHeaders(url)for programmatic use - Zero runtime dependencies — Node.js stdlib only
Usage
:::bash
npx @trustyourwebsite/security-headers https://example.com
Full docs: https://github.com/trustyourwebsite/security-headers#readme