{"id":21204262,"url":"https://github.com/hendrixjoseph/spring-content-security-policy","last_synced_at":"2025-10-05T19:52:27.726Z","repository":{"id":163635271,"uuid":"639096800","full_name":"hendrixjoseph/spring-content-security-policy","owner":"hendrixjoseph","description":"A Content Security Policy builder and bean to help secure Spring applications.","archived":false,"fork":false,"pushed_at":"2024-12-12T14:37:34.000Z","size":28,"stargazers_count":2,"open_issues_count":1,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-13T20:44:32.764Z","etag":null,"topics":["content-security-policy","hacktoberfest","spring","spring-boot","spring-config","spring-security"],"latest_commit_sha":null,"homepage":"https://mvnrepository.com/artifact/com.joehxblog/spring-content-security-policy","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hendrixjoseph.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-05-10T18:50:45.000Z","updated_at":"2024-12-12T14:37:39.000Z","dependencies_parsed_at":"2024-11-20T20:33:28.553Z","dependency_job_id":"03002298-5c8b-494e-8b36-6d1375befa2a","html_url":"https://github.com/hendrixjoseph/spring-content-security-policy","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hendrixjoseph%2Fspring-content-security-policy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hendrixjoseph%2Fspring-content-security-policy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hendrixjoseph%2Fspring-content-security-policy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hendrixjoseph%2Fspring-content-security-policy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hendrixjoseph","download_url":"https://codeload.github.com/hendrixjoseph/spring-content-security-policy/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248782280,"owners_count":21160716,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["content-security-policy","hacktoberfest","spring","spring-boot","spring-config","spring-security"],"created_at":"2024-11-20T20:31:23.488Z","updated_at":"2025-10-05T19:52:22.655Z","avatar_url":"https://github.com/hendrixjoseph.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Content Security Policy for Spring\n\n## What is a Content Security Policy?\n\n\u003chttps://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy\u003e\n\n## How to use\n\n```java\nimport org.springframework.context.annotation.Bean;\nimport org.springframework.context.annotation.Configuration;\nimport org.springframework.security.config.annotation.web.builders.HttpSecurity;\nimport org.springframework.security.web.SecurityFilterChain;\n\nimport com.joehxblog.spring.csp.ContentSecurityPolicy;\n\n@Configuration\npublic class Config {\n private final ContentSecurityPolicy csp = new ContentSecurityPolicy();\n \n @Bean\n public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {\n return csp.filterChain(http);\n }\n}\n```\n\nOr write your own:\n\n\n```java\nimport org.springframework.context.annotation.Bean;\nimport org.springframework.context.annotation.Configuration;\nimport org.springframework.security.config.annotation.web.builders.HttpSecurity;\nimport org.springframework.security.web.SecurityFilterChain;\n\nimport com.joehxblog.spring.csp.ContentSecurityPolicy;\n\n@Configuration\npublic class Config {\n private final ContentSecurityPolicy csp = new ContentSecurityPolicy(\"default-src 'self'\");\n \n @Bean\n public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {\n return csp.filterChain(http);\n }\n}\n```\n\nOr use the builder:\n\n```java\nimport org.springframework.context.annotation.Bean;\nimport org.springframework.context.annotation.Configuration;\nimport org.springframework.security.config.annotation.web.builders.HttpSecurity;\nimport org.springframework.security.web.SecurityFilterChain;\n\nimport com.joehxblog.spring.csp.ContentSecurityPolicy;\nimport com.joehxblog.spring.csp.directive.FetchDirective;\nimport com.joehxblog.spring.csp.value.KeywordValue;\n\n@Configuration\npublic class Config {\n private final ContentSecurityPolicy csp = ContentSecurityPolicy.build()\n .add(FetchDirective.DEFAULT_SRC, KeywordValue.SELF)\n .build();\n \n @Bean\n public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {\n return csp.filterChain(http);\n }\n}\n```\n\n### Maven Dependency Tag\n\n```xml\n\u003cdependency\u003e\n \u003cgroupId\u003ecom.joehxblog\u003c/groupId\u003e\n \u003cartifactId\u003espring-content-security-policy\u003c/artifactId\u003e\n \u003cversion\u003e6.4.1\u003c/version\u003e\n\u003c/dependency\u003e\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhendrixjoseph%2Fspring-content-security-policy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhendrixjoseph%2Fspring-content-security-policy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhendrixjoseph%2Fspring-content-security-policy/lists"}