Security

Content Security Policy (CSP)

We implement strict Content Security Policy headers to prevent cross-site scripting (XSS) attacks and restrict resource loading to trusted sources only.

Security Headers

We use HTTP security headers including X-Content-Type-Options and X-Frame-Options to prevent MIME type sniffing and clickjacking attacks.

Permissions Policy

Unnecessary browser features (camera, microphone, geolocation, payment APIs, USB, and sensors) are explicitly disabled to minimize attack surface and protect your privacy.

Client-side processing

All tools process data entirely in your browser using JavaScript. Your data is never transmitted to any server, ensuring complete privacy and security.

No external data communication

Your personal data is never uploaded to servers or sent to external APIs for processing. This page may load third-party resources (CDNs and ads) which receive standard web request data, but not your personal data.

Tool-specific security

For detailed security information about a specific tool, visit the tool's dedicated security page (available in the tool's footer).