Skip to content

Content-Security-Policy header generator for Node.JS

Notifications You must be signed in to change notification settings

crazyhuoshan/csp-header

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

csp-header

Content-Security-Policy header generator for Node.JS

Usage

var csp = require('csp-header');
csp({
  policies: {
    'script-src': [
      csp.SELF,
      csp.INLINE,
      csp.EVAL,
      csp.nonce('gg3g43#$g32gqewgaAEGeag2@#GFQ#g=='),
      'example.com'
    ],
    'style-src': [
      csp.SELF,
      'mystyle.net'
    ]
  },
  'report-uri': 'https://cspreport.com/send'
});

// result: "script-src 'self' 'unsafe-inline' 'unsafe-eval' 'nonce-gg3g43#$g32gqewgaAEGeag2@#GFQ#g==' example.com; style-src 'self' mystyle.net; report-uri https://cspreport.com/send;"

About

Content-Security-Policy header generator for Node.JS

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 100.0%