Skip to main content

Security Headers

The Security Headers provide an easy mechanism to analyze HTTP response headers and give information on how to deploy missing headers.

The scan result will be hidden from the public result list and follow redirects will be on too.

Query Parameters
url string REQUIRED

Example: https://shields.io

ignoreRedirects boolean
style string

Possible values: [flat, flat-square, plastic, for-the-badge, social]

If not specified, the default style for this badge is "flat".

Example: flat

logo string

One of the named logos (bitcoin, dependabot, gitlab, npm, paypal, serverfault, stackexchange, superuser, telegram, travis) or simple-icons. All simple-icons are referenced using icon slugs. You can click the icon title on simple-icons to copy the slug or they can be found in the slugs.md file in the simple-icons repository. Further info.

Example: appveyor

logoColor string

The color of the logo (hex, rgb, rgba, hsl, hsla and css named colors supported). Supported for named logos and Shields logos but not for custom logos. For multicolor Shields logos, the corresponding named logo will be used and colored.

Example: violet

label string

Override the default left-hand-side text (URL-Encoding needed for spaces or special characters!)

Example: healthiness

labelColor string

Background color of the left part (hex, rgb, rgba, hsl, hsla and css named colors supported).

Example: abcdef

color string

Background color of the right part (hex, rgb, rgba, hsl, hsla and css named colors supported).

Example: fedcba

cacheSeconds string

HTTP cache lifetime (rules are applied to infer a default value on a per-badge basis, any values specified below the default will be ignored).

Example: 3600

link string[]

Specify what clicking on the left/right of a badge should do. Note that this only works when integrating your badge in an <object> HTML tag, but not an <img> tag or a markup language.