← All tools
Free security tool
Review Content Security Policy coverage
Find missing CSP, unsafe directives, weak script policies, and places where browser-side protection can improve.
Run this focused check
Test one URL now. The result links naturally into a full WebSentry report and monitoring workflow.
What it checks
Missing CSP
unsafe-inline
unsafe-eval
frame-ancestors
upgrade-insecure-requests
Why it matters
A well-designed CSP reduces the impact of cross-site scripting and helps browsers block unsafe scripts, frames, and mixed resources.
Common fixes
Start with report-only mode
Remove unsafe directives over time
Add frame-ancestors for clickjacking protection
Turn one check into ongoing protection.
Create an account to save scan history, export reports, and monitor sites for security grade drops.