JSPM

help secure Express/Connect apps with various HTTP headers

Evaluate Content Security Policies for a wide range of bypasses and weaknesses

Content Security Policy middleware

🛡️ Security Module for Nuxt based on HTTP Headers and Middleware

Content-Security-Policy header generator

Protect your Next.js application with secure headers

Content-Security-Policy middleware for Express

Strict Content-Security-Policy (CSP) for Next.js with composable middleware

A comprehensive toolkit for working with Content Security Policy (CSP) directives in TypeScript.

Protect your Response with secure headers

A Vite plugin that lets SPA applications generate a Content Security Policy (CSP).

Provides type information for all CSP directives and related headers' directives; as well as a basic utility funtion that helps convert the typed properties to the header content's policy string.

Enables a hash-based strict Content Security Policy for static HTML files and single page applications.

A webpack plugin that adds a hash-based strict CSP to help protect your site against XSS attacks.

Adds Content Security Policy to your Gatsby app.

Spec compliant content security policy builder and parser. 🚨

tiny util for getting and setting deep object props safely

Middleware to add Content-Security-Policy header.

Astro integration to enhance your website's security with SubResource Integrity hashes, Content-Security-Policy headers, and other techniques.

A command line tool to validate Content-Security-Policy rules

Generate fixed nonces for scripts in Gatsby and make them available for the headers.

Protect your SvelteKit application with secure headers

A builder tool to help generate Content Security Policies in a type-safe way

A Vite plugin that generates and injects a Content Security Policy (CSP) for your SPA application.

A Vite plugin to auto-generate Subresource Integrity (SRI) hashes.

Cross-iframe API proxy for CSP-compliant communication

A react-static plugin that adds Content-Security-Policy meta tags to your site

Parse HTTP headers from RFC 9110 (and a bunch of others) using the full ABNF.

Helpers for managing Content Security Policy (CSP)

Roll your own Reporting API collector. Supports CSP, COEP, COOP, Document-Policy, Crash reports, Deprecation reports, Intervention reports and Network Error Logging

Write your Content-Security-Policy header in JavaScript, so you can have validation and automatic hashes.

Eleventy plugin that writes Content-Security-Policy and Content-Security-Policy-Report-Only headers to a `_headers` file when Eleventy builds your site.

Easily build a Content Security Policy (CSP) by specifying APIs by name

live-server fork that adds Content-Security-Policy (CSP) support (a simple development http server with live reload capability)

Content-Security-Policy Serializer and Deserializer (Parser)

A comprehensive authentication and security solution

A node module that detects improper iframe busting code

Security middlewares for Next.js

Generate Content Security Policy headers for popular web services and libraries

Service definitions and CSP mappings database for csp-kit

A TypeScript utility for extracting and managing Content Security Policy (CSP) headers from Kubernetes ingress YAML files

Security helper methods for front-end development

Zero dependency web server.

Strict Content-Security-Policy (CSP) for Next.js with composable middleware

Sets various security related headers

A package to generate Content Security Policy (CSP) headers.

Command-line tool for managing CSP service definitions and data updates

Generate valid and secure Content Security Policies (CSP) with TypeScript.

Strict Content-Security-Policy (CSP) for Next.js with composable middleware

Content-Security-Policy Serializer and Deserializer (Parser)

Tool to extract urls of a project for use in the Content-Security-Policy. Also includes warnings for usage with AngularJS.

Builder with fluent interface for Content-Security-Policy (CSP) with IntelliSense

Content Security Policy (CSP) injector for Applications - React, Angular, and VITE projects with comprehensive environment variable support

A security gateway for APIs with rate limiting, IP whitelisting, and injection prevention.

A CLI that generates and injects a Content Security Policy (CSP) for your SPA application.

Content-Security-Policy Generator, Running as an express middleware that integrates with RapidSec.

Create Web Workers from inline functions without requiring separate worker files.

generates a csp from a JSON file

The goal of this package is to provide a simple automated way to generate Content Security Policy compliant headers for your Cloudflare Pages site at runtime. The primary goal is to automate hashing and nonces, but it will also scan your page to include a

ExpressJS template engine to render JavaScript from JavaScript to avoid inlined code and allow strict and safe Content-Security-Policy

Builder with fluent interface for Content-Security-Policy (CSP) with IntelliSense

This module provides types and functionality for parsing and stringifying Permissions Policy.

Content-Security-Policy policy parser

Middleware for express app for adding Content-Security-Policy header

HTTP content security policy(CSP) middleware

A package to scan a website for its Content Security Policy (CSP) headers and report any issues.

Enables a hash-based strict Content Security Policy for static HTML files and single page applications.

A webpack plugin that adds a hash-based strict CSP to help protect your site against XSS attacks.

A CSP3 Parser based on W3 specification