CSP Header Checker
A missing or report-only Content Security Policy leaves your site vulnerable to XSS attacks. Glook checks for CSP presence, mode (enforce vs report-only), and basic directive coverage.
18
Sites audited
64/100
Avg score
22%
Pass rate