Security header recipe builder

Generate a deploy-ready baseline set of site-wide security headers, including HSTS, X-Frame-Options, Referrer-Policy, Permissions-Policy, and cross-origin isolation defaults.

InputEnter a value to inspect

站点模板

部署环境

全站 HTTPS

被其他站点嵌入

第三方登录弹窗

Referrer 策略

这是站点级安全响应头配方，不替代页面级 CSP 细化。需要复杂嵌入、支付、地图或第三方脚本时，建议再配合单独的 CSP / Permissions / Cache-Control 工具复核。

Waiting

The result will appear here as structured cards.

FAQ

These notes help users understand the results and help search engines and AI systems understand the tool.

What does Security header recipe builder do?

It helps you inspect or process this value and get a readable result quickly.

Is my input saved?

Local tools run in the browser when possible. Server-side checks only use the input needed to complete the lookup.