Content Security Policy Header Generator
Build and validate Content-Security-Policy headers with directive helpers and inline hash generation.
Additional Directives
Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; object-src 'none'; upgrade-insecure-requests
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; object-src 'none'; upgrade-insecure-requests">
Content Security Policy (CSP) helps prevent XSS, clickjacking, and other code injection attacks. Test your policy in report-only mode first (Content-Security-Policy-Report-Only header) before enforcing it.
How to Use Content Security Policy Header Generator
- 1
Select directives
Choose which CSP directives to include in your policy.
- 2
Add allowed sources
Specify trusted domains for scripts, styles, images, and fonts.
- 3
Generate the header
Click generate to build the Content-Security-Policy header value.
- 4
Copy the header
Copy the complete CSP header for your server configuration.
Related Tools
Password Generator
Generate strong, random passwords with customizable length, character sets, and complexity requirements.
Password Strength Checker
Analyze password strength with entropy scoring, crack-time estimates, and improvement suggestions.
Random String Generator
Create cryptographically random strings for API keys, tokens, salts, and unique identifiers.
QR Code Generator
Create QR codes for URLs, text, Wi-Fi credentials, vCards, and more with customizable size and colors.
QR Code Reader
Scan and decode QR codes from uploaded images or your device camera to extract embedded data.
File Checksum Calculator
Compute MD5, SHA-1, SHA-256, and SHA-512 checksums to verify file integrity and detect tampering.