Validate Content Security Policy headers against W3C spec and common pitfalls.
JWT tools (decode, encode/sign HS256, validate expiry/signature), OAuth tools (client setup, PKCE generator/verifier, scope builder, state/token validator), crypto tools (bcrypt PBKDF2, AES-128-CBC encrypt/decrypt, cookie parser/security analyzer, CSP nonce generator/policy builder), SSL scanner, and SAML assertion decoder. (SHA/MD5 hash has its own dedicated page.)
Build a Content Security Policy header by selecting directives and allowed sources.
Generate common HTTP headers for JSON, REST, and GraphQL APIs with correct Content-Type and authorization patterns.
Add professional headers and footers to every page of your PDF. Supports text, page numbers ({{page}}/{{total}}), dates, and custom alignment. Perfect for reports and official documents.
Counts characters with and without spaces and compares your text against platform-specific limits — Twitter/X posts (280), SMS messages (160), SEO meta descriptions (160), Facebook posts (63,206), and LinkedIn summaries (2,600). Real-time counting with space/no-space toggle.
CSP Policy Validator lets you validate Content Security Policy headers against W3C spec and common pitfalls.. Everything runs inside your browser — nothing is uploaded to a server. It works on any device with a modern web browser.
Validate Content Security Policy headers against W3C spec and common pitfalls. It's ideal for developers, designers, and anyone who needs to validate content security policy headers against w3c spec and common pitfalls without installing software or sending data to external servers.
Direct text entry, file upload, or URL-based input — depending on the tool. Paste or type your content directly into the provided editor area.
Yes. After the initial page load, CSP Policy Validator runs entirely on your device with no internet connection needed. All processing is done locally.
Tools cover JavaScript, CSS, HTML, SQL, Python, JSON, XML, CSV, and more. Check individual tool descriptions for specifics.
No. All code processing — formatting, minification, conversion, hashing — runs locally in your browser.
Yes. Since processing is local, performance depends on your device. Most operations handle large files without issue.
Yes. SQL uses sql-formatter, JSON uses native JSON.parse, and other formatters follow widely adopted formatting rules.
Yes. All developer tools work fully offline after the initial page load.
Time Converter
Convert between time units including seconds, minutes, hours, days, weeks, months, and years with precise decimal results.
Diff Checker
Compares two input texts side-by-side, highlighting inserted, deleted, and changed lines with distinct background colors.
Regex Tester
Provides an interactive environment where users can write a regular expression pattern, test it against sample strings, and view real-time match.
JSON Formatter
Pretty-prints raw JSON with configurable indent width, key sorting, and bracket collapsing options while flagging syntax errors with exact.
JS Minifier
Strips comments, whitespace, and shortens local variable names in JavaScript source without altering execution semantics.
Base64 Encode/Decode
Encodes text or small files into Base64 strings and decodes them back with automatic MIME-type detection for binary safety.