← All tools
Free security tool
Review Content Security Policy coverage
Find missing CSP, unsafe directives, weak script policies, and places where browser-side protection can improve.
Run the full scan
Get this check plus the complete WebSentry security report for the URL.
What it checks
Missing CSP
unsafe-inline
unsafe-eval
frame-ancestors
upgrade-insecure-requests
Why it matters
A well-designed CSP reduces the impact of cross-site scripting and helps browsers block unsafe scripts, frames, and mixed resources.
Common fixes
Start with report-only mode
Remove unsafe directives over time
Add frame-ancestors for clickjacking protection
Turn one check into ongoing protection.
Create an account to save scan history, export reports, and monitor sites for security grade drops.