The SecurityHeaders.io Chrome and Firefox Extension

In a little over 2 months my HTTP header analysing service, securityheaders.io, has seen over 300,000 scans performed! In order to make the service easier to use I've created a Chrome Extension so you can analyse the headers of a site you're currently visiting without leaving the page.

 

You can get the extension for Chrome right here: https://scotthel.me/shce

security headers chrome extension

 

You can get the extension for Firefox right here: https://scotthel.me/shfe

firefox extension

 

The Extension

The extension is really simple and gives you an icon alongside the omnibox/address bar as you would expect. You can see it in the top right of the browser window here:

extension icon

 

To get the score of the page you are looking at, simply click the icon. The extension will then request the score and display it.

extension icon with score

 

If you want more information you can click on the score and it will open a new tab to display the full report on the securityheaders.io site. There will be some limitations, for example on pages where you are authenticated, as the extension is calling out to the site for the score, which won't be able to see authenticated pages and may be redirected away. All actions performed by the extension, and the report pages if they are opened, are automatically hidden and no information will be publicly displayed on the site.

The source for the extension is also on GitHub. Happy scanning!

 

Scott.
Short URL: https://scotthel.me/sf8

 

Author image
About Scott
Researcher, blogger and international speaker. I'm the creator of report-uri.io and securityheaders.io, free tools to help improve online security.