CSP (Content-Security-Policy) Header Test

Check if your site is defending from code injection,
XSS, clickjacking by using CSP header

Checking for the CSP header...

Tested from     on  

Great! Content-Security-Policy header was found
in the HTTP response headers as highlight below.

Couldn’t find the Content-Security-Policy header
in the response headers.

Header Value



About Content Security Policy

CSP (Content Security Policy) is a security header to prevent cross-site scripting, clickjacking, code injection attack.

CSP instruct browser to load content from only allowed source.

You may refer this guide to implement CSP in Apache, Nginx, and Microsoft IIS.

Hand-picked best resources to supercharge
your Website and Business

Explore Collections

More tools for your Website

Ping Test

Check if your site or IP can respond to ping globally

Test Now

Traceroute Test

Traceroute your IP or site to find network related issue

Test Now

TLS 1.3 Test

Test supported TLS version on the site

Test Now

TLS Scanner

Check the supported protocol, server preferences, certificate details, common vulnerabilities and more

Test Now


Check if DNS Security Extensions is enabled on your domain

Test Now

TCP Port Scanner

Quickly find out what ports are open on public Internet-facing IP or website

Test Now

Latest Articles