MCP server for DrHeaderPlus security header auditing

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for garootman from gravatar.com garootman

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Dmitry Kozlov
  • Tags csp , headers , hsts , llm , mcp , owasp , security
  • Requires: Python >=3.12
Classifiers
Report project as malware

Project description

drheaderplus-mcp

MCP server for DrHeaderPlus — audit HTTP security headers from AI assistants.

Scans URLs or analyzes raw headers against security best practices: OWASP, CSP, HSTS, cookie flags, CORS misconfiguration, and more.

Available Tools

Tool Description
scan_url Fetch headers from a URL and audit them. Detects missing headers, weak values, CSP issues, cookie misconfigurations, and CORS origin reflection.
analyze_headers Audit a set of HTTP response headers directly (no network call). Use when you already have the headers.
scan_bulk Scan multiple URLs and return per-URL results. Handles individual failures gracefully.
list_presets List available ruleset presets (e.g. owasp-asvs-v14 for strict OWASP ASVS 4.0 V14 compliance).

Tool Parameters

scan_url

  • url (required): The URL to scan (must include scheme, e.g. https://example.com)
  • preset (optional): Ruleset preset name
  • cross_origin_isolated (optional): Enable COEP/COOP checks (default: false)

analyze_headers

  • headers (required): HTTP response headers as key-value pairs
  • preset (optional): Ruleset preset name
  • cross_origin_isolated (optional): Enable COEP/COOP checks (default: false)

scan_bulk

  • urls (required): List of URLs to scan
  • preset (optional): Ruleset preset name
  • cross_origin_isolated (optional): Enable COEP/COOP checks (default: false)

Installation

Using uvx (recommended, no install needed)

uvx drheaderplus-mcp

Using pip

pip install drheaderplus-mcp

Configuration

Claude Desktop

Add to your claude_desktop_config.json:

Using uvx:

{
  "mcpServers": {
    "drheaderplus": {
      "command": "uvx",
      "args": ["drheaderplus-mcp"]
    }
  }
}

Using pip installation:

{
  "mcpServers": {
    "drheaderplus": {
      "command": "drheaderplus-mcp"
    }
  }
}

Claude Code

claude mcp add drheaderplus -- uvx drheaderplus-mcp

VS Code

Add to your .vscode/mcp.json:

{
  "servers": {
    "drheaderplus": {
      "command": "uvx",
      "args": ["drheaderplus-mcp"]
    }
  }
}

Debugging

Use the MCP inspector to test the server:

npx @modelcontextprotocol/inspector uvx drheaderplus-mcp

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for garootman from gravatar.com garootman

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Dmitry Kozlov
  • Tags csp , headers , hsts , llm , mcp , owasp , security
  • Requires: Python >=3.12
Classifiers

Release history Release notifications | RSS feed

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

drheaderplus_mcp-0.1.0.tar.gz (58.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

drheaderplus_mcp-0.1.0-py3-none-any.whl (4.8 kB view details)

Uploaded Python 3

File details

Details for the file drheaderplus_mcp-0.1.0.tar.gz.

File metadata

  • Download URL: drheaderplus_mcp-0.1.0.tar.gz
  • Upload date:
  • Size: 58.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.3 {"installer":{"name":"uv","version":"0.10.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for drheaderplus_mcp-0.1.0.tar.gz
Algorithm Hash digest
SHA256 ff019720fd92f932041966ed92131723bd33b3f5c0317b74591ff8945d51ce4a
MD5 402bc1e8cfe82b6298737a8c52943454
BLAKE2b-256 0b239636eae4368e54555b50e264cce1f3c50789cca17060b5aadf883460b8eb

See more details on using hashes here.

File details

Details for the file drheaderplus_mcp-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: drheaderplus_mcp-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 4.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: uv/0.10.3 {"installer":{"name":"uv","version":"0.10.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for drheaderplus_mcp-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 515853af3ec1326064b23c95704ddc0517bd6beb85cd2f461e80c45a2c7c470b
MD5 3862e6ed95b4c1995c92d3479ac31782
BLAKE2b-256 2013115a576215cf108661b42af6a333c5fe995d2fe2271e10e7953f7801fdf4

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page