HTTP Headers Explainer

Paste a set of HTTP response headers; get a plain-English explanation of each plus security implications. Flags missing critical headers (CSP, HSTS, X-Content-Type-Options), insecure values, and conflicting directives.

How to use the HTTP Headers Explainer

Paste response headers (curl -I output works, browser DevTools header copy works). The explainer describes each, calls out security implications, and reports missing recommended security headers (HSTS, CSP, X-Frame-Options, etc.).