Content Security Policy (CSP) Generator

Content Security Policy (CSP) Generator

Content Security Policy (CSP) Generator

No policy generated yet.
Please go to the Data Configuration tab to configure your directives.

Configure the allowed sources for each content type. Custom domains should be space-separated (e.g., https://api.example.com https://cdn.example.com).

default-src Fallback for other directives
script-src JavaScript sources
style-src CSS sources
img-src Image sources
connect-src XHR, WebSockets, Fetch
font-src Font sources
frame-src iFrame sources
object-src Plugins (Flash, Java, etc.)
Scroll to Top