PHPackages                             roelvanhintum/craft-csp - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. roelvanhintum/craft-csp

ActiveCraft-plugin

roelvanhintum/craft-csp
=======================

Content Security Policy (or CSP) generator using nonces.

3.0.0(1y ago)1166↓100%10[1 issues](https://github.com/roelvanhintum/craft-csp/issues)MITPHPPHP ^8.0.2

Since Mar 16Pushed 5mo ago4 watchersCompare

[ Source](https://github.com/roelvanhintum/craft-csp)[ Packagist](https://packagist.org/packages/roelvanhintum/craft-csp)[ RSS](/packages/roelvanhintum-craft-csp/feed)WikiDiscussions craft4 Synced 1mo ago

READMEChangelog (10)Dependencies (1)Versions (15)Used By (0)

Content Security Policy plugin for Craft CMS 3.x
================================================

[](#content-security-policy-plugin-for-craft-cms-3x)

Content Security Policy (or CSP) generator using nonces.

Currently does not work in combination with `{% js %}{% endjs %}` block code twig tags.

Requirements
------------

[](#requirements)

- Craft 4.0.0 and up
- PHP 8.0.2 and up

Installation
------------

[](#installation)

To install the plugin, search the plugin store for "Content Security Policy" or:

`composer require roelvanhintum/craft-csp`

Setting up
----------

[](#setting-up)

Either config using `config/content-security-policy.php` or use nonces:

```
{# Regular html #}

{# Twig tags #}
{% css inlineCSS with {nonce: cspNonce('style-src')} %}
{% js 'example.js' with {nonce: cspNonce('script-src')} %}
```

Example `config/content-security-policy.php`:

```