CSP Builder

Compose a Content-Security-Policy header from common directive sources.

Directives default-src script-src style-src img-src connect-src upgrade insecure requests

Header

default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; connect-src 'self'; upgrade-insecure-requests

About this tool

Compose a Content-Security-Policy header from common directive sources.