PHPackages erickjmenezes/policyman - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. erickjmenezes/policyman ActiveLibrary[Security](/categories/security) erickjmenezes/policyman ======================= CSP manager v0.5.0(1y ago)02MITPHPPHP ^8.3 Since Sep 6Pushed 1y ago1 watchersCompare [ Source](https://github.com/ErickJMenezes/policyman)[ Packagist](https://packagist.org/packages/erickjmenezes/policyman)[ RSS](/packages/erickjmenezes-policyman/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (5)Dependencies (3)Versions (6)Used By (0) Policyman 👮 =========== [](#policyman-) A Content-Security-Policy (CSP) header parser and builder. Instalation ----------- [](#instalation) ``` composer install erickjmenezes/policyman ``` Building a CSP header: ---------------------- [](#building-a-csp-header) ``` use ErickJMenezes\Policyman\Policyman; use ErickJMenezes\Policyman\Keyword; $header = Policyman::builder() ->defaultSrc([Keyword::Self]) ->scriptSrc([Keyword::Self, Keyword::UnsafeEval, Keyword::UnsafeInline, 'trusted-cdn.com']) ->styleSrc([Keyword::Self, 'trusted-cdn.com']) ->toString(); // Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' trusted-cdn.com; style-src 'self' trusted-cdn.com ``` Parsing and editing an existing CSP header string: -------------------------------------------------- [](#parsing-and-editing-an-existing-csp-header-string) ``` use ErickJMenezes\Policyman\Policyman; use ErickJMenezes\Policyman\ContentSecurityPolicy; use ErickJMenezes\Policyman\Policy; use ErickJMenezes\Policyman\Keyword; use ErickJMenezes\Policyman\Directive; // Example header. $header = "Content-Security-Policy: img-src 'self' data:; object-src 'none'"; // Parsing to an object. /** @var ContentSecurityPolicy $csp */ $csp = Policyman::parse($header); // Adding script-src directive. $csp->add(new Policy(Directive::ScriptSrc, [Keyword::Self, 'example.com'])); $csp->find(Directive::ImgSrc)->add('example.com'); // Convert it back to a string. $newHeader = Policyman::serialize($csp); // Content-Security-Policy: img-src 'self' data: example.com; object-src 'none'; script-src 'self' example.com ``` Validation: ----------- [](#validation) ``` use ErickJMenezes\Policyman\Policyman; Policyman::validate("Content-Security-Policy: default_src 'self'"); // false Policyman::validate("Content-Security-Policy: default-src 'self'"); // true ``` ### Health Score 25 — LowBetter than 37% of packages Maintenance34 Infrequent updates — may be unmaintained Popularity2 Limited adoption so far Community7 Small or concentrated contributor base Maturity48 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 5 Last Release 617d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/4c4d7b81b04cad437d9e4579d02e2a96c62320da264c82be0f5fb784034b49c2?d=identicon)[ErickJMenezes](/maintainers/ErickJMenezes) --- Top Contributors [![ErickJMenezes](https://avatars.githubusercontent.com/u/49132967?v=4)](https://github.com/ErickJMenezes "ErickJMenezes (16 commits)") ### Code Quality TestsPest Static AnalysisPHPStan Type Coverage Yes ### Embed Badge ![Health badge](/badges/erickjmenezes-policyman/health.svg) ``` [![Health](https://phpackages.com/badges/erickjmenezes-policyman/health.svg)](https://phpackages.com/packages/erickjmenezes-policyman) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[roave/security-advisories Prevents installation of composer packages with known security vulnerabilities: no API, simply require it 2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 86917.5M63](/packages/bjeavons-zxcvbn-php)[enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)