JSPM

csp-dev

1.0.0
  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 605
  • Score
    100M100P100Q96224F
  • License MIT

Content security policy builder and parser. 🚨

Package Exports

  • csp-dev

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (csp-dev) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

csp-dev

Content security policy builder and parser. 🚨

NPM npm version npm bundle size npm

Install

npm i -D csp-dev

Use

Build:

const ContentSecurityPolicy = require('csp-dev')

const builder = new ContentSecurityPolicy()
builder.newDirective('script-src', ['self', 'unsafe-inline', 'nonce-2726c7f26c', '*.trusted.com'])
builder.newDirective('default-src', 'self')
builder.newDirective('style-src', 'data:')

// or by loading an object

const builder2 = new ContentSecurityPolicy()
builder2.load({
  'default-src': ['self'],
  'script-src': [
    'self', 'unsafe-inline', 'nonce-2726c7f26c', '*.trusted.com'
  ],
  'style-src': ['data:']
})

Parse:

const ContentSecurityPolicy = require('csp-dev')

const data = `
default-src 'self';
script-src 'self' 'unsafe-inline' 'nonce-2726c7f26c' *.test.com;
style-src data:
`
const parser = new ContentSecurityPolicy(data)

parser.valid() // true|false

Share:

parser.share('json'|'string')

Thanks for watching 🐬

ko-fi