Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with content-security-policy

A curated list of projects in awesome lists tagged with content-security-policy .

https://github.com/github/secure_headers

Manages application of security headers with many safe defaults

content-security-policy cookie csp hsts middleware rack referrer-policy ruby secure-headers xframe-options

Last synced: 17 Dec 2025

https://github.com/twitter/secure_headers

Manages application of security headers with many safe defaults

content-security-policy cookie csp hsts middleware rack referrer-policy ruby secure-headers xframe-options

Last synced: 20 Jun 2025

https://github.com/typeerror/secure

Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.

content-security-policy django fastapi flask headers headers-security http-headers python python-security referrer-policy secure-headers security security-headers strict-transport-security web-security

Last synced: 14 May 2025

https://github.com/TypeError/secure

Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.

content-security-policy django fastapi flask headers headers-security http-headers python python-security referrer-policy secure-headers security security-headers strict-transport-security web-security

Last synced: 26 Mar 2025

https://github.com/paragonie/csp-builder

Build Content-Security-Policy headers from a JSON file (or build them programmatically)

content-security-policy cross-site-scripting csp csp-builder csp-header easy-to-use http http-header json-configuration php secure-by-default security xss

Last synced: 14 May 2025

https://github.com/nico3333fr/csp-useful

Collection of scripts, thoughts about CSP (Content Security Policy)

content-security-policy csp csp-directives csp-parsers csp1 csp2 csp3 notifications report-uri

Last synced: 30 Oct 2025

https://github.com/nico3333fr/CSP-useful

Collection of scripts, thoughts about CSP (Content Security Policy)

content-security-policy csp csp-directives csp-parsers csp1 csp2 csp3 notifications report-uri

Last synced: 13 Mar 2025

https://github.com/aidantwoods/secureheaders

A PHP library aiming to make the use of browser security features more accessible.

content-security-policy cookie csp headers hsts samesite secure secure-cookie secureheaders

Last synced: 15 May 2025

https://github.com/moloch--/CSP-Bypass

A Burp Plugin for Detecting Weaknesses in Content Security Policies

burp-plugin content-security-policy csp security

Last synced: 19 Apr 2025

https://github.com/moloch--/csp-bypass

A Burp Plugin for Detecting Weaknesses in Content Security Policies

burp-plugin content-security-policy csp security

Last synced: 20 Aug 2025

https://github.com/jacobbednarz/go-csp-collector

A CSP collector written in Golang

content-security-policy csp csp-collector golang

Last synced: 05 Apr 2025

https://github.com/lisonge/disable-csp

A browser extension to disable http header Content-Security-Policy and html meta Content-Security-Policy

chrome chrome-extension content-security-policy csp edge edge-extension

Last synced: 13 Apr 2025

https://github.com/kindspells/astro-shield

Astro integration to enhance your website's security with SubResource Integrity hashes, Content-Security-Policy headers, and other techniques.

astro astro-integration content-security-policy hacktoberfest hacktoberfest2024 javascript security subresource-integrity withastro xss-protection

Last synced: 05 Apr 2025

https://github.com/bejamas/gatsby-plugin-csp

A Gatsby plugin which adds strict Content Security Policy to your project.

content-security-policy csp gatsby-plugin gatsby-plugin-csp

Last synced: 08 Oct 2025

https://github.com/gwen001/csp-analyzer

Analyze Content-Security-Policy header of a given URL.

bugbounty content-security-policy csp pentesting python security-tools

Last synced: 24 Oct 2025

https://github.com/c0r0n3r/cryptolyzer

CryptoLyzer is a fast, flexible and comprehensive server cryptographic protocol (TLS, SSL, SSH, DNSSEC) and related setting (HTTP headers, DNS records) analyzer and fingerprint (JA3, HASSH tag) generator with Python API and CLI. (read-only clone of the original GitLab project)

certificate-transparency content-security-policy dnssec http-header-check http-scan mixed-content openvpn python scan-tool scanning-tool security security-audit security-tools ssh-scanner ssl-scanner subresource-integrity tls-scan tls-scanning-library vulnerability-scanners

Last synced: 20 Nov 2025

https://github.com/guydumais/next-strict-csp

Hash-based Strict Content Security Policy generator for Next.js

content-security-policy nextjs

Last synced: 10 Apr 2025

https://github.com/moveyourdigital/cloudflare-worker-csp-nonce

A Cloudflare worker to generate and inject Content Security Policy nonces in returned HTML pages.

attacks cloudflare cloudflare-worker content-security-policy nonces s3-website static-website whitelist

Last synced: 21 Mar 2025

https://github.com/catalyst/moodle-local_csp

Content security policy reporting and enforcing tool for Moodle

content-security-policy csp-report moodle

Last synced: 27 Apr 2025

https://github.com/peter-juhasz/aspnetcoresecurity

Security extensions for ASP.NET Core

asp-net content-security-policy dotnet security

Last synced: 22 Mar 2025

https://github.com/bonigarcia/browserwatcher

Browser extension for console monitoring, tab recording, Content Security Policy (CSP) disabling, and JavaScript/CSS injection

browser-extension content-security-policy logs monitoring observability selenium-webdriver testing-tools web-application

Last synced: 23 Mar 2025

https://github.com/d4l3k/go-csp-engine

Content Security Policy engine for Go/Golang. Unit test your CSP rules!

content-security-policy csp golang

Last synced: 12 Jun 2025

https://github.com/born05/craft-csp

Content Security Policy (or CSP) generator using nonces.

content-security-policy craft-plugin craft3 craftcms csp

Last synced: 10 Apr 2025

https://github.com/sudhakar3697/electron-renderer-csp-sample

Running JavaScript in electron renderers with CSP (https://stackoverflow.com/questions/58230686/run-non-inline-js-locally-in-electron)

content-security-policy electron renderer

Last synced: 12 May 2025

https://github.com/toyokumo/ring-middleware-csp

Ring middleware for Content Security Policy

clojure content-security-policy csp middleware ring ring-middleware

Last synced: 13 May 2025

https://github.com/nswdpc/silverstripe-csp

Content Security Policy module for Silverstripe

content-security-policy csp nel report-to

Last synced: 12 Jul 2025

https://github.com/ayushn21/bridgetown-content-security-policy

A Bridgetown plugin to add a Content Security Policy in a meta tag

bridgetown bridgetown-plugin content-security-policy security

Last synced: 14 Apr 2025

https://github.com/tempehs/the_unsecure_pwa

An unsecure by-design PWA that students can analyse with a suite of tools and support to build their understanding of web-based secure software architecture.

2fa api content-security-policy csp csrf cybersecurity cybersecurity-education encryption form-validation learning-by-doing learning-cybersecurity learning-project penetration-testing race-conditions security session-management sql-injection sqlite3 testing-practices xss

Last synced: 13 Apr 2025

https://github.com/munter/express-legacy-csp

Downgrade content-security-policy version and fidelity to support the requesting browser

browser-detection content-security-policy csp1 csp2 csp3 express legacy-support middleware

Last synced: 04 May 2025

https://github.com/robdwaller/csp-generator

Manage and create Content Security Policies more easily.

content-security-policy csp json rust rust-lang

Last synced: 09 Oct 2025

https://github.com/scottstraughan/jekyll-content-security-policy-generator

This Jekyll plugin generates a content-security-policy HTML meta tag for your static site based on images, styles, scripts, frames and more found within each static page. Also converts style attributes to style tags and generates SHA256 hashes for them.

content-security-policy inline-scripts jekyll jekyll-plugin nokogiri plugin ruby static-site xss

Last synced: 29 Mar 2025

https://github.com/dethos/inlinehashes

Hash generator for HTML inline styles and scripts

content-security-policy csp hacktoberfest hashing python

Last synced: 14 May 2025

https://github.com/colecrouter/pages-csp-generator

Automatic CSP generation for Cloudflare Pages

cloudflare-pages cloudflare-workers content-security-policy

Last synced: 31 Aug 2025

https://github.com/rodneylab/sveltekit-content-security-policy

SvelteKit Content Security Policy: how you can add CSP to reduce your Svelte site's cross-site scripting (XSS) attack surface.

cloudflare-pages content-security-policy csp http-headers netlify svelte svelte3 sveltekit

Last synced: 25 Oct 2025

https://github.com/eoinkelly/csp_report_collector

A phoenix app which will accept Content-Security-Policy violation reports and provides a very basic UI for viewing them

content-security-policy content-security-policy-report elixir elixir-apps elixir-phoenix

Last synced: 23 Apr 2025

https://github.com/wille/reporting-api

Collect Content Security Policy, COEP, COOP, Document-Policy, Crash reports, Deprecation reports, Intervention reports and Network Error Logging

content-security-policy express reporting webappsec

Last synced: 10 Apr 2025

https://github.com/itsignacioportal/csp-integrity-hash-generator

Javascript to quickly generate CSP hashes for all script/style elements in a website.

cibersecurity content-security-policy csp

Last synced: 11 Aug 2025

https://github.com/offline-gmbh/oc-csp-plugin

:lock: Manage Content Security Policies in October CMS

content-security-policy csp octobercms octobercms-plugin

Last synced: 13 Jun 2025

https://github.com/einride/csp-evaluator-cli

A command line tool to validate Content-Security-Policy rules

cli content-security-policy einride

Last synced: 26 Jul 2025

https://github.com/contributte/http

:sparkles: Extra contrib to nette/http (@nette)

cli content-security-policy contributte http nette nette-framework request response

Last synced: 10 Apr 2025

https://github.com/v-checha/openiframe

Build Iframe. Ignore X-Frame-Options, Content-Security-Policy, X-Content-Type-Options, X-Xss-Protection etc.

content-security-policy iframe iframe-api protection security security-policy x-content-security-policy x-content-type-options x-frame-options

Last synced: 13 Oct 2025

https://github.com/eason-dev/csp-kit

Modern Content Security Policy (CSP) generator for popular web services and libraries

content-security-policy csp javascript typescript web web-security

Last synced: 04 Sep 2025

https://github.com/pgilad/csp-builder

A builder tool to help generate Content Security Policies in a type-safe way

builder content-security-policy csp generator hacktoberfest pika security typescript web

Last synced: 09 May 2025

https://github.com/hrbrmstr/cspy

Content Security Policy Decomposer & Evaluator

content-security-policy r rjava rstats

Last synced: 05 Mar 2025

https://github.com/marthijn/sidio.web.security

Helper functions and middleware to secure ASP.NET Core applications

asp-net-core content-security-policy http security web-security

Last synced: 26 Oct 2025

https://github.com/muratgozel/csp-dev

Spec compliant content security policy builder and parser. 🚨

content-security-policy csp csp-builder csp-parser

Last synced: 29 Jul 2025

https://github.com/flowpack/flowpack.contentsecuritypolicy

Configurable Content Security Policy for Neos CMS

content-security-policy csp flow neos neoscms

Last synced: 22 Apr 2025

https://github.com/16patsle/wordpress-csp-manager

WordPress plugin for configuring Content Security Policy headers for your site. Allows different CSP headers for admin, logged inn frontend and regular visitors.

content-security-policy csp hacktoberfest security wordpress wordpress-plugin

Last synced: 11 Oct 2025

https://github.com/poppinlp/fastify-csp

Fastify plugin to set Content-Security-Policy header

content-security-policy csp fastify-plugin helmet

Last synced: 03 Jan 2026

https://github.com/kathleenwest/mslearn-dotnet-docker

This is a simple microservices demo with a frontend web app (razor) and backend web api (asp.net core). The frontend utilizes the Blazor WebAssembly script in the browser. The backend web api simply delivers a Product listing and serves images for those products. The frontend web app queries the backend web api for products, then displays each one.

asp-net-core backend blazor blazor-webassembly containers content-security-policy docker docker-compose docker-container docker-tutorial entity-framework-core frontend how-to microservices mslearn products razor store tutorial web-api

Last synced: 30 Dec 2025

https://github.com/meteorlxy/csp-helper

Helpers for creating Content Security Policy (CSP) header.

content-security-policy csp nodejs

Last synced: 13 Mar 2025

https://github.com/decodelabs/sanctum

Define and deploy Content Security Policies in your PHP application

content-security-policy csp php

Last synced: 15 Apr 2025

https://github.com/val-istar-guo/koa-csp

Used to set response header: Content-Security-Policy

content-security-policy csp koa koa-csp koa2

Last synced: 07 May 2025

https://github.com/sjinks/hwp-csp-plugin

Content Security Policy plugin for html-webpack-plugin

content-security-policy csp html-webpack-plugin html-webpack-plugin-plugin security

Last synced: 10 Apr 2025

https://github.com/marschall/csp-hack

An exploration of how to make CSP work with Seaside.

content-security-policy nonce smalltalk

Last synced: 05 Mar 2025

https://github.com/hendrixjoseph/spring-content-security-policy

A Content Security Policy builder and bean to help secure Spring applications.

content-security-policy hacktoberfest spring spring-boot spring-config spring-security

Last synced: 05 Oct 2025

https://github.com/sigient/csp_builder

📃 Create rich Content Security Policies using this easy to use builder class

content-security-policy rails ruby

Last synced: 11 Nov 2025

https://github.com/jackdbd/content-security-policy

Content-Security-Policy in JavaScript, with validation and automatic hashes.

content-security-policy cross-site-scripting csp csp-directives http http-header xss

Last synced: 17 Oct 2025

https://github.com/zurfyx/scp-demo

Content Security Policy (CSP) Demo

content-security-policy html

Last synced: 30 Mar 2025

https://github.com/rix4uni/cspfinder

Discover new target domains using Content Security Policy

bugbounty content-security-policy csp golang hacking recon reconnaissance security

Last synced: 15 Apr 2025

https://github.com/jeff-tian/ali-green-typescript-sdk

阿里云盾内容安全服务提供的内容检测API SDK

aliyun content-security-policy green porn-filter

Last synced: 05 Mar 2025

https://github.com/gearnode/csp-handler

Handle your CSP errors and analyze them with Kibana

content-security-policy content-security-policy-report golang logger

Last synced: 07 Apr 2025

https://github.com/boardfish/zantetsuken

⚔️ Organize and build your app's Content Security Policy

content-security-policy hacktoberfest rails ruby-gem ruby-on-rails

Last synced: 08 Apr 2025

https://github.com/jenderal92/clickjacking-exploit-detector

The Clickjacking Exploit Detector uses webpage scanning techniques to identify potential vulnerabilities and provide analysis of those elements.

clickjacking content-security-policy python python-27 python-security-tools web-exploit web-security x-frame-options

Last synced: 03 Jul 2025

https://github.com/aubes/csp-bundle

Content Security Policy bundle for Symfony

bundle content-security-policy symfony

Last synced: 20 Feb 2025

https://github.com/mdownes/rollup-plugin-csp-html-linter

A Rollup plugin to lint your HTML for Content Security Policy Violations.

content-security-policy linter rollup-plugin

Last synced: 11 Jul 2025

https://github.com/devexpress-examples/reporting-asp-net-core-content-security-policy

How to implement a nonce-based Content Security Policy (CSP) for an ASP.NET Core Application

asp-net-core content-security-policy csp reporting reporting-for-asp-net-core web-reporting xtrareport

Last synced: 26 Jul 2025

https://github.com/simonprickett/cordovacsp

Cordova Content Security Policy / iOS 9 ATS Demo App

android-app content-security-policy cordova ios-app javascript phonegap xcode

Last synced: 13 Jul 2025

https://github.com/deadcoder0904/generate-hash-inline-script

Generate Hash for Inline Script when using Chrome Extensions due to Content Security Policy (CSP) error

chrome-extension chrome-extensions content-security-policy csp hash inline inline-script

Last synced: 03 Dec 2025

https://github.com/localnerve/csp-hashes

Flexible build library to generate script and style hashes for CSP headers or Meta tags

build-tool content-security-policy hashes javascript nodejs

Last synced: 12 Apr 2025

https://github.com/ssexton16/websecuritycheatsheet

🔒 Secure your web applications with essential security practices and guides for SSL, server configuration, authentication, and data protection.

apache apache-configuration content-security-policy javascript-security nginx security security-cheatsheets sql-injection web-security websecurity xss-vulnerability

Last synced: 06 Oct 2025

https://github.com/peckadesign/securityheaders

Knihovna pro snadné nastavení bezpečnostních HTTP hlaviček

content-security-policy csp http-header security

Last synced: 07 May 2025

https://github.com/jshawl/cspq

a csp playground

content-security-policy gleam-lang

Last synced: 08 Oct 2025

https://github.com/reside-eng/fortifyjs

FortifyJS is a library focused on delivering security headers for web applications within the JavaScript ecosystem

clickjacking content-security-policy cross-site-scripting fortified headers http javascript security web

Last synced: 11 Apr 2025

https://github.com/rishi-raj-jain/security-headers-example

A demo that shows how to secure your website against some common attacks like XSS, code injection, clickjacking, etc.

content-security-policy edgio http-headers security-headers

Last synced: 01 Apr 2025

https://github.com/abdulghafoor921/csp-report-collector

csp-report-collector 🐙 Collect CSP violation reports and persist them in Redis for audit and investigation, a lightweight service for secure incident tracking.

compliance content-security-policy content-security-policy-report csp-reporter endpoint go http-server mariadb middleware mysql observability rate-limiting redis security security-headers violation-reporter web-security wip

Last synced: 23 Aug 2025

https://github.com/northwood-labs/csp-parser

Parser and evaluator for Content Security Policy directives.

content-security-policy content-security-policy-csp csp go golang owasp

Last synced: 04 Jan 2026

https://github.com/sourcefuse/arc-spa-csp

Production-ready CSP injector for React, Angular & VITE projects. Smart auto-detection, environment variables, workspace support. Enterprise-grade SPA security.

angular build-tool content-security-policy csp react security single-page-application spa typescript web-security xss-protection

Last synced: 03 Aug 2025

https://github.com/mdownes/csp-html-linter

Lint your HTML for Content Security Policy Violations

content-security-policy html linter npm-package

Last synced: 04 Jan 2026

https://github.com/realkinetic/flask-appify

Opinionated set of default libraries that should be included in every Flask application

appengine assets content-security-policy cors csrf flask

Last synced: 30 Mar 2025

https://github.com/wieni/wmcontent_security_policy

A Drupal module for securing your site using a Content Security Policy header

content-security-policy drupal-module

Last synced: 23 Feb 2025