Checks HTTP security headers in Next.js config for CSP, HSTS, X-Frame-Options, and other hardening headers.
Audit all HTTP response headers in next.config.js and middleware. Verify presence and correct configuration of: Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, Strict-Transport-Security, Referrer-Policy, and Permissions-Policy. Flag missing headers and suggest tightened CSP directives specific to this app.
Tags: nextjs, headers, csp, hsts, production, security
By Promptexify|3/25/2026
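One way to automate the check this prompt describes, as an added example that is not part of the original prompt: a JavaScript function that audits the rule array a next.config.js headers() function returns. The function names, the accepted values, the one-year HSTS threshold and the sample config are assumptions of this example.

```javascript
// Added example. Accepted values and thresholds are this example's assumptions.
const parseCsp = (v) => Object.fromEntries(
  v.split(';').map((d) => d.trim().split(/\s+/)).filter((p) => p[0])
    .map(([name, ...vals]) => [name.toLowerCase(), vals]));

const CHECKS = {
  'content-security-policy': (v) => {
    const csp = parseCsp(v);
    const issues = csp['default-src'] ? [] : ['no default-src fallback'];
    const script = csp['script-src'] || csp['default-src'] || [];
    for (const kw of ["'unsafe-inline'", "'unsafe-eval'"])
      if (script.includes(kw)) issues.push(`script-src allows ${kw}`);
    return issues;
  },
  'x-frame-options': (v) =>
    /^(deny|sameorigin)$/i.test(v.trim()) ? [] : ['expected DENY or SAMEORIGIN'],
  'x-content-type-options': (v) =>
    v.trim().toLowerCase() === 'nosniff' ? [] : ['expected nosniff'],
  'strict-transport-security': (v) => {
    const m = /max-age=(\d+)/i.exec(v);
    const issues = m && Number(m[1]) >= 31536000 ? [] : ['max-age under one year'];
    if (!/includeSubDomains/i.test(v)) issues.push('includeSubDomains not set');
    return issues;
  },
  'referrer-policy': (v) =>
    /^(no-referrer|same-origin|strict-origin(-when-cross-origin)?)$/i.test(v.trim())
      ? [] : ['not one of the stricter policies accepted here'],
  'permissions-policy': (v) => (v.trim() ? [] : ['empty policy']),
};

// rules: the array returned by headers() in next.config.js. Simplification:
// every rule is treated as applying to all routes; later rules override earlier.
function auditSecurityHeaders(rules) {
  const seen = new Map();
  for (const rule of rules)
    for (const { key, value } of rule.headers) seen.set(key.toLowerCase(), value);
  return Object.entries(CHECKS).flatMap(([header, check]) =>
    seen.has(header)
      ? check(seen.get(header)).map((issue) => ({ header, issue }))
      : [{ header, issue: 'missing' }]);
}

// Constructed sample config, not taken from any real app.
const SAMPLE_RULES = [{ source: '/(.*)', headers: [
  { key: 'Content-Security-Policy', value: "default-src 'self'; script-src 'self' 'unsafe-inline'" },
  { key: 'X-Frame-Options', value: 'ALLOWALL' },
  { key: 'X-Content-Type-Options', value: 'nosniff' },
  { key: 'Strict-Transport-Security', value: 'max-age=3600' },
] }];
console.log(auditSecurityHeaders(SAMPLE_RULES));
```

Headers set in middleware are not visible to this function; it only sees what the config's headers() returns.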