For website security testers, http security header misery and the consequences.
Test online:
https://securityheaders.com/What is being tested?
Headers We Examine
Access Control Allow Origin
Content Security Policy
Cross Domain Meta Policy
NoSniff
Server Information
Strict Transport Security
UTF-8 Character Encoding
X-Frame-Options
X-Powered-By
X-XSS-Protection
Get going, get aware, get secure!
polonus