PHPackages                             flancer32/mage2\_ext\_csp - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. flancer32/mage2\_ext\_csp

ActiveMagento2-module[Security](/categories/security)

flancer32/mage2\_ext\_csp
=========================

Magento 2 module to collect CSP violations reports and to eliminate JS console warnings.

0.0.6(5y ago)5651.8k↓67.6%17[9 issues](https://github.com/flancer32/mage2_ext_csp/issues)[3 PRs](https://github.com/flancer32/mage2_ext_csp/pulls)GPL-3.0-onlyPHP

Since May 13Pushed 2y ago3 watchersCompare

[ Source](https://github.com/flancer32/mage2_ext_csp)[ Packagist](https://packagist.org/packages/flancer32/mage2_ext_csp)[ Docs](https://github.com/flancer32/mage2_ext_csp)[ RSS](/packages/flancer32-mage2-ext-csp/feed)WikiDiscussions master Synced yesterday

READMEChangelog (6)Dependencies (1)Versions (8)Used By (0)

mage2\_ext\_csp
===============

[](#mage2_ext_csp)

Module to collect CSP violations reports and convert it to the CSP rules.

**Attention! Starting from version 0.0.5 module's functionality is [disabled by default](./docs/user/strategy.md). You need explicitly enable module in `Stores / Configuration / Security / CSP / General`.**

Description
-----------

[](#description)

There are a lot of [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) (CSP) warnings in Javascript console for Magento 2.3.5+:

[![](./docs/img/js_console_errors.png)](./docs/img/js_console_errors.png)

This module adds `report-uri ...;` directive to CSP header, collects [reports](./docs/user/grid/reports.md) (separately for admin &amp; front areas) then generates new [rules](./docs/user/grid/rules.md) to eliminate CSP warnings in console. Cron tasks to analyze reports &amp; generate rules starts hourly.

The main goal of this module is to remove CSP errors from JS console completely but you can use this module to collect reports only (just disable activation for new rules in [config](./docs/user/config.md)).

You can switch CSP from report only to strict mode (set `Report Only` to `false` in config) after all violation reports will be converted to the rules and all not-allowed content will be locked by browser.

Installation
------------

[](#installation)

`composer.json`

```
"require": {
    "flancer32/mage2_ext_csp": "*"
}

```

```
$ ./bin/magento deploy:mode:set developer
$ composer require flancer32/mage2_ext_csp
$ ./bin/magento setup:upgrade
$ ./bin/magento deploy:mode:set production
$ ./bin/magento cache:clean
```

Docs
----

[](#docs)

- [Configuration](./docs/user/config.md)
- [Usage strategy](./docs/user/strategy.md)
- Grids:
    - [Violations reports](./docs/user/grid/reports.md)
    - [CSP rules](./docs/user/grid/rules.md)
- [CLI](./docs/user/command.md)
- [Cron](./docs/user/cron.md)
- [DB structure](./docs/dev/db_struct.md)

###  Health Score

34

—

LowBetter than 75% of packages

Maintenance17

Infrequent updates — may be unmaintained

Popularity43

Moderate usage in the ecosystem

Community13

Small or concentrated contributor base

Maturity51

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~11 days

Total

6

Last Release

2185d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/6083415?v=4)[F. Lancer, SIA](/maintainers/flancer32)[@flancer32](https://github.com/flancer32)

---

Top Contributors

[![flancer64](https://avatars.githubusercontent.com/u/5052385?v=4)](https://github.com/flancer64 "flancer64 (38 commits)")

### Embed Badge

![Health badge](/badges/flancer32-mage2-ext-csp/health.svg)

```
[![Health](https://phpackages.com/badges/flancer32-mage2-ext-csp/health.svg)](https://phpackages.com/packages/flancer32-mage2-ext-csp)
```

###  Alternatives

[mews/purifier

Laravel 5/6/7/8/9/10 HtmlPurifier Package

2.0k18.7M143](/packages/mews-purifier)[paragonie/ecc

PHP Elliptic Curve Cryptography library

24820.0k37](/packages/paragonie-ecc)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
