Content Security Policy builder

Take an object and turn it into a Content Security Policy string.

It can handle a lot of things you can you throw at it; camelCased or dash-separated directives, arrays or strings, et cetera.

Usage:

const builder = require("content-security-policy-builder");

// default-src 'self' default.com; script-src scripts.com; whatever-src something; object-src
builder({
  directives: {
    defaultSrc: ["'self'", "default.com"],
    scriptSrc: "scripts.com",
    "whatever-src": "something",
    objectSrc: true,
  },
});

This module is considered "complete". I expect to continue maintenance if needed, but I don't plan to add features or make breaking changes.

Name		Name	Last commit message	Last commit date
Latest commit History 94 Commits
.github/workflows		.github/workflows
.gitignore		.gitignore
.prettierignore		.prettierignore
CHANGELOG.md		CHANGELOG.md
LICENSE		LICENSE
README.md		README.md
eslint.config.mjs		eslint.config.mjs
index.ts		index.ts
package-lock.json		package-lock.json
package.json		package.json
test.ts		test.ts
tsconfig.eslint.json		tsconfig.eslint.json
tsconfig.json		tsconfig.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Content Security Policy builder

About

Releases

Packages

Contributors 3

Languages

License

helmetjs/content-security-policy-builder

Folders and files

Latest commit

History

Repository files navigation

Content Security Policy builder

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Contributors 3

Languages

Packages