{"id":13711947,"url":"https://github.com/middlewares/csp","last_synced_at":"2025-05-06T21:32:43.128Z","repository":{"id":62528352,"uuid":"70392275","full_name":"middlewares/csp","owner":"middlewares","description":"PSR-15 middleware to add the Content-Security-Policy header to the response","archived":false,"fork":false,"pushed_at":"2025-03-26T14:44:07.000Z","size":41,"stargazers_count":14,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-27T06:36:42.155Z","etag":null,"topics":["csp","http","middleware","psr-15","security"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/middlewares.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-10-09T09:23:09.000Z","updated_at":"2025-03-23T10:41:29.000Z","dependencies_parsed_at":"2022-11-02T14:17:14.250Z","dependency_job_id":null,"html_url":"https://github.com/middlewares/csp","commit_stats":null,"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/middlewares%2Fcsp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/middlewares%2Fcsp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/middlewares%2Fcsp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/middlewares%2Fcsp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/middlewares","download_url":"https://codeload.github.com/middlewares/csp/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252772216,"owners_count":21801878,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["csp","http","middleware","psr-15","security"],"created_at":"2024-08-02T23:01:13.211Z","updated_at":"2025-05-06T21:32:42.837Z","avatar_url":"https://github.com/middlewares.png","language":"PHP","funding_links":[],"categories":["Packages"],"sub_categories":["Security"],"readme":"# middlewares/csp\n\n[![Latest Version on Packagist][ico-version]][link-packagist]\n[![Software License][ico-license]](LICENSE)\n![Testing][ico-ga]\n[![Total Downloads][ico-downloads]][link-downloads]\n\nMiddleware to add the [Content-Security-Policy](https://content-security-policy.com/) header to the response using [paragonie/csp-builder](https://github.com/paragonie/csp-builder) library.\n\n## Requirements\n\n* PHP \u003e= 7.2\n* A [PSR-7 http library](https://github.com/middlewares/awesome-psr15-middlewares#psr-7-implementations)\n* A [PSR-15 middleware dispatcher](https://github.com/middlewares/awesome-psr15-middlewares#dispatcher)\n\n## Installation\n\nThis package is installable and autoloadable via Composer as [middlewares/csp](https://packagist.org/packages/middlewares/csp).\n\n```sh\ncomposer require middlewares/csp\n```\n\n## Example\n\n```php\nuse ParagonIE\\CSPBuilder\\CSPBuilder;\n\n$csp = CSPBuilder::fromFile('/path/to/source.json');\n\nDispatcher::run([\n    new Middlewares\\Csp($csp)\n]);\n```\n\n## Usage\n\nSet the CSP builder to the constructor. See [paragonie/csp-builder](https://github.com/paragonie/csp-builder) for more info. If it's not provided, create a generic one with restrictive directives.\n\n### legacy\n\nTo generate legacy CSP headers for old browsers (`X-Content-Security-Policy` and `X-Webkit-CSP`). By default is `true` but you can disabled it:\n\n```php\n$middleware = (new Middlewares\\Csp($csp))-\u003elegacy(false);\n```\n\n## Helpers\n\n### createFromFile\n\nShortcut to create instances using a json file:\n\n```php\nDispatcher::run([\n    Middlewares\\Csp::createFromFile(__DIR__.'/csp-config.json')\n]);\n```\n\n### createFromData\n\nShortcut to create instances using an array with data:\n\n```php\nDispatcher::run([\n    Middlewares\\Csp::createFromData([\n        'script-src' =\u003e ['self' =\u003e true],\n        'object-src' =\u003e ['self' =\u003e true],\n        'frame-ancestors' =\u003e ['self' =\u003e true],\n    ])\n]);\n```\n\n---\n\nPlease see [CHANGELOG](CHANGELOG.md) for more information about recent changes and [CONTRIBUTING](CONTRIBUTING.md) for contributing details.\n\nThe MIT License (MIT). Please see [LICENSE](LICENSE) for more information.\n\n[ico-version]: https://img.shields.io/packagist/v/middlewares/csp.svg?style=flat-square\n[ico-license]: https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square\n[ico-ga]: https://github.com/middlewares/csp/workflows/testing/badge.svg\n[ico-downloads]: https://img.shields.io/packagist/dt/middlewares/csp.svg?style=flat-square\n\n[link-packagist]: https://packagist.org/packages/middlewares/csp\n[link-downloads]: https://packagist.org/packages/middlewares/csp\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmiddlewares%2Fcsp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmiddlewares%2Fcsp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmiddlewares%2Fcsp/lists"}