CSP Header Generator | Utilities

Csp Header Generator

Home /
Csp Header Generator

Visually build Content-Security-Policy headers. Toggle directives, pick sources, and copy the result.

Import Existing CSP

Presets

Generated CSP Header

Enable directives below to generate a CSP header

Directives

default-src

Fallback for other fetch directives

script-src

Valid sources for JavaScript

style-src

Valid sources for stylesheets

img-src

Valid sources for images

font-src

Valid sources for fonts

connect-src

Valid sources for fetch, XHR, WebSocket

media-src

Valid sources for audio/video

object-src

Valid sources for plugins (object, embed, applet)

frame-src

Valid sources for frames

child-src

Valid sources for web workers and nested contexts

worker-src

Valid sources for Worker, SharedWorker, ServiceWorker

frame-ancestors

Valid parents that can embed this page

form-action

Valid targets for form submissions

base-uri

Valid URLs for the base element

manifest-src

Valid sources for application manifests

upgrade-insecure-requests

Upgrade HTTP to HTTPS (no value needed)

block-all-mixed-content

Block loading of mixed content (no value needed)

CSP Quick Reference

'self' — Same origin only (scheme + host + port)
'none' — Block everything for this directive
'unsafe-inline' — Allow inline scripts/styles (weakens CSP)
'unsafe-eval' — Allow eval() and similar (weakens CSP)
'strict-dynamic' — Trust scripts loaded by already-trusted scripts
https: — Allow any HTTPS source
data: — Allow data: URIs (use cautiously)
blob: — Allow blob: URIs

[email protected]

Home

STRING

Convert Case
Regex Tester
Text Compare

NUMBER

Big Number Calculator
Decimal to Fraction
Ethereum Unit Converter
Number Conversion

DATE

Date Difference
Epoch Converter
Timezone Converter

DEV

Base64 Encode/Decode
Basic Authentication Header Generator
Calldata Decoder
Cron Expression Editor
CSP Header Generator
Diff Viewer
Encode Function
Hash Generator
HTTP Status Codes
JSON Prettier
JWT Decoder
Keccak-256 Hash
MongoDB ObjectId to Timestamp
NGINX Htpasswd Generator
Object Serializer
Regex Builder
Universal Calldata Decoder(beta)
UUID Generator

FILE

Chmod Calculator
CSV to JSON
File To Base64
JSON to CSV

IMAGE

Favicon Generator
Image Resize

MISC

Color Picker
DNS Lookup
Ethereum Private Key Address Database
IP Address Lookup
QR Code Reader & Generator
Random Password Generator