Last chance to get discounted tickets to Codegarden... Price goes up on Tuesday at 20:00 CEST!

6 votes

Easy Content-Security-Policy

This package adds easily-configured Content Security Policy (CSP) headers to your website. The Content-Security-Policy header's use is to prevent events like cross-site scripting, clickjacking, and other code injection attacks that might be executed by malitious content that your website trusts. Let's make it only trust what we want it to!

Since most added scripts, fonts, images, objects, or other items that would be limited by a Content-Security-Policy header are added by front-end developers, the goal of this package is to make it easy for a developer to add new policies when needed without having to parse complicated web.config files or dive into a custom HttpModule (which is what this package makes for you!).

For more information on CSPs, feel free to check out these handy references!

Screenshots

Archived files

Documentation

Source code

Project owner

Offroadcode

Offroadcode

Offroadcode has 351 karma points

Project Compatibility

This project is compatible with the following versions as reported by community members who have downloaded this package:
Untested or doesn't work on Umbraco Cloud
7.10.x (untested)
7.9.x (untested)
7.8.x (untested)
7.7.x (untested)
7.6.x (untested)
7.5.x (untested)
7.4.x (untested)
7.3.x (untested)
7.2.x (untested)
7.1.x (untested)
7.0.x (untested)
6.1.x (untested)
6.0.x (untested)

You must login before you can report on package compatibility.

Project Information

  • Project owner: Offroadcode
  • Contributors: Janae Cram
  • Created: 27/03/2018
  • Current version 1.0.0
  • .net Version 4.5
  • License MIT
  • Downloads: 23

External resources