Http Security Headers
БесплатноНе проверенAnalyze and score HTTP security headers (CSP, HSTS, CORS, cookies) with actionable fix recommendations for web applications.
Описание
Analyze and score HTTP security headers (CSP, HSTS, CORS, cookies) with actionable fix recommendations for web applications.
README
Analyze and score HTTP security headers (CSP, HSTS, CORS, cookies) with actionable fix recommendations for web applications.
Tools
| Tool | Description |
|---|---|
scan_headers |
Fetch a URL and analyze all security headers. Returns A+ to F grade with findings. |
score_headers |
Score a set of headers you provide. Returns grade and per-header breakdown. |
analyze_csp |
Deep analysis of a Content-Security-Policy header. Detects unsafe sources and bypass risks. |
generate_headers |
Generate recommended security headers config for Express, Next.js, nginx, Apache, Cloudflare, or Vercel. |
Quick Start
Install from MCPize (Recommended)
npx -y mcpize connect @shakiltousif/http-security-headers-mcp --client claude
Or visit: mcpize.com/mcp/http-security-headers-mcp
Per-client install
Claude: claude mcp add --transport http http-security-headers-mcp https://http-security-headers-mcp.mcpize.run/mcp
Cursor: cursor mcp add http-security-headers-mcp https://http-security-headers-mcp.mcpize.run/mcp
Windsurf: windsurf mcp add http-security-headers-mcp https://http-security-headers-mcp.mcpize.run/mcp
JSON Config (manual setup)
{
"mcpServers": {
"http-security-headers-mcp": {
"url": "https://http-security-headers-mcp.mcpize.run/mcp"
}
}
}
Run Locally
npm install
mcpize dev # Start dev server with hot reload
mcpize dev --playground # Interactive testing in your browser
Server runs at http://localhost:3000/mcp
Development
mcpize dev # Development mode (port 3000, hot reload, loads .env)
npm run build # Compile TypeScript
npm test # Run unit tests (26 tests)
bash test-mcp.sh # MCP protocol smoke test (14 checks)
npm start # Run compiled server (port 8080)
Deploy
mcpize login # Authenticate (opens browser)
mcpize deploy # Ship it!
Project Structure
src/
index.ts # Express + MCP server setup, tool registration
tools.ts # Pure business logic (header analysis, scoring, CSP parsing)
tests/
tools.test.ts # Unit tests (vitest)
test-mcp.sh # MCP protocol smoke test
mcpize.yaml # MCPize deployment config
Dockerfile # Production container build
License
MIT
Установка Http Security Headers
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/shakiltousif/http-security-headers-mcpFAQ
Http Security Headers MCP бесплатный?
Да, Http Security Headers MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Http Security Headers?
Нет, Http Security Headers работает без API-ключей и переменных окружения.
Http Security Headers — hosted или self-hosted?
Доступен hosted-вариант: Unyly запускает сервер в облаке, локальная установка не обязательна.
Как установить Http Security Headers в Claude Desktop, Claude Code или Cursor?
Открой Http Security Headers на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
GitHub
PRs, issues, code search, CI status
автор: GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
автор: mcpdotdirectCompare Http Security Headers with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории development
