This browser extension evaluates a degree of trustworthiness and safety on every website you visit by inspecting the received HTTP headers and their compliance with the leading industry standards: a configured Content Security Policy (CSP), an absence of disclosed vulnerabilities for the current server version, etc. All HTTP headers (along with the redirects) are being recorded for the further examination in a convenient tabular form together with a grade (from A to F) of the security compliance.
The extension is available for the download in Chrome Web Store.
- Displays list of HTTP headers in the response and their values.
- If there were several requests, such as requests to the server made a redirect, you can see list of all requests.
- Extensions detects the presence of the security headers.
- Determine the server and the technology used on the server.
-
Clone the repository.
-
- If you've got Node.js installed via NVM, enter the project folder and run
nvm useto automatically catch up to the latest stable Node version. - If the step above is not applicable in your case, just run
npm installin the project folder using Node 7 or above.
- If you've got Node.js installed via NVM, enter the project folder and run
-
Run
npm run build. Everything should run succesfully and createdistfolder with the extension content. -
Enable developer mode for Google Chrome extensions.
-
Load
distfolder as an extension in Google Chrome.
This section is to be done. Please advise with the maintainers directly if you are planning to make a pull request.