Speaker Polarity Test – Online Click & Listen
Generate a pop signal to determine if speakers are wired in phase. Quick stereo test.
UD5 Toolkit
Instantly check if a website is protected against clickjacking attacks.
<frame>, <iframe>, <embed>, or <object>. It helps prevent clickjacking attacks by ensuring that your site is not embedded in malicious frames.
frame-ancestors is more flexible and modern. It allows you to specify multiple allowed sources (or 'none'), while X‑Frame‑Options only supports one URI or SAMEORIGIN. Most modern browsers honor CSP; however, it’s recommended to use both headers for maximum compatibility.
frame-ancestors.
X‑Frame‑Options: DENY (most strict) Content-Security-Policy: frame-ancestors 'none'; X-Frame‑Options: SAMEORIGIN and frame‑ancestors 'self'.
Free online X‑Frame‑Options header tester. Check clickjacking protection, CSP frame-ancestors, and improve your web security posture. Supports all modern browsers.
Generate a pop signal to determine if speakers are wired in phase. Quick stereo test.
Display an astigmatism dial and instructions for self-assessment. Educational, not a medical diagnosis.
Hear a word spoken by browser TTS and type the spelling. Choose difficulty or paste your own list. Great for kids. Local only.
Override your browser's geolocation to any coordinates and test how your app responds. For development and privacy testing.
Hear text spoken word by word with boundary events. See the exact index and character. Advanced TTS dev tool.
Load a video and visually check if audio aligns with lips. Use frame‑by‑frame stepping. Debug playback issues.
Toggle a screen wake lock to prevent the device from dimming or sleeping. See the lock state and learn the API.
Check if your page triggers the beforeinstallprompt event. Simulate the install flow. Debug PWA installability.
Paste your Accept‑Language header and see which languages your site should serve based on quality values. Internationalization helper.
Test how your page loads under slow, 3G, or offline conditions by intercepting fetch and applying delays. No DevTools needed.
Override your browser's geolocation to any coordinates and test how your app responds. For development and privacy testing.
Check current screen orientation and test the lock API. Useful for mobile web apps. Demo with code.
Test the Fullscreen API: request fullscreen on a colored div, detect changes, and copy the JavaScript boilerplate.
Test the Web Share API by sharing text, links, and files directly from the browser. Check compatibility and see example code.
Check if your browser and display support the wider DCI‑P3 color space. See the difference with a simple test pattern.
Enter any phrase and instantly see if it's a palindrome, ignoring spaces and punctuation. Fun for word nerds.
Generate random, formatted ID numbers that match pattern rules for various countries. For testing input validation. No real data.
Pick a method, URL, headers, and body, then send an HTTP request directly from your browser. Debug APIs easily.
Quickly test if your webcam, microphone, and speakers work correctly. See live video and audio meter. No data sent.
Generate random but realistic‑looking data arrays (users, products, orders) with typos and missing fields. For test robustness.
Simple interactive eye dominance test: hold up a virtual dot and see which eye stays aligned. Educational.
Build an iframe with different sandbox flags and see live which features are blocked. For secure embedding.
Simulate random mouse moves, clicks, or keystrokes to test idle‑timeout logic. Stops when you move the mouse. Dev test.
Paste a test card number to verify Luhn algorithm, identify issuer (Visa, MC), and check length. No real data.
Play left‑only, right‑only, and frequency sweeps to test your speakers or headphones. Quick audio check.
See a live VU meter of your microphone's input level. Test if your mic is working and adjust gain. Privacy‑friendly.
Strip dangerous HTML tags and attributes (scripts, onclick) to prevent XSS attacks. Safe iframe preview. Local sanitation engine.
Paste email headers or body text to quickly spot phishing signs, suspicious domains, and obfuscated links. Educational and private.
Evaluate the strength of your passwords with a visual meter and detailed feedback. Check for length, complexity, and breached passwords. All analysis is client-side.
Generate ultra-secure, random passwords with configurable length and character sets. Created entirely on your device; never transmitted or stored.