CSP Generator
Build Content Security Policy (CSP) headers with a visual editor. Configure directives for scripts, styles, images, fonts, and connections.
How to use CSP Generator
- Select the CSP directives you need.
- Add allowed sources for each directive.
- Configure report-uri for violation reporting.
- Copy the generated CSP header.
What is CSP Generator?
A Content Security Policy (CSP) generator creates HTTP headers that help prevent Cross-Site Scripting (XSS), clickjacking, and code injection attacks. CSP tells browsers which sources of content are allowed to load on your page.
This tool provides a visual interface for configuring CSP directives including script-src, style-src, img-src, font-src, connect-src, and more. It generates the complete CSP header value you can add to your server configuration.
FAQ
- What is Content Security Policy?
- CSP is a security layer that helps detect and mitigate certain types of attacks, including XSS and data injection attacks.
- Will CSP break my site?
- Start with report-only mode to identify issues before enforcing. Use the report-uri directive to collect violation reports.
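The steps above (pick directives, add sources, set report-uri, copy the header) and the report-only advice in the FAQ can be sketched in a few lines. This is an added example, not the tool's own code; the names buildCsp and normalizeSource, the host cdn.example.com and the /csp-report endpoint are assumptions made for illustration.

```javascript
// Added example: hypothetical helper names, not the CSP Generator's code.
const KEYWORDS = new Set(["self", "none", "unsafe-inline", "unsafe-eval", "strict-dynamic"]);

// Quote CSP keywords and reject values that would break out of the directive.
function normalizeSource(src) {
  const s = String(src).trim();
  if (s === "" || /[;,\s]/.test(s)) {
    throw new Error(`invalid source expression: ${JSON.stringify(src)}`);
  }
  const bare = s.replace(/^'|'$/g, "");
  return KEYWORDS.has(bare) ? `'${bare}'` : s;
}

// Build the header name and value, plus warnings about weak settings.
function buildCsp(directives, { reportOnly = false, reportUri } = {}) {
  const parts = [];
  const warnings = [];
  for (const [name, sources] of Object.entries(directives)) {
    if (!/^[a-z-]+$/.test(name)) throw new Error(`invalid directive name: ${name}`);
    const list = sources.map(normalizeSource);
    if (list.includes("'none'") && list.length > 1) {
      throw new Error(`${name}: 'none' cannot be combined with other sources`);
    }
    if (name === "script-src" && list.includes("'unsafe-inline'")) {
      warnings.push("script-src allows 'unsafe-inline', which weakens XSS protection");
    }
    parts.push(list.length ? `${name} ${list.join(" ")}` : name);
  }
  if (reportUri) parts.push(`report-uri ${normalizeSource(reportUri)}`);
  if (reportOnly && !reportUri) warnings.push("no report-uri: violations only appear in the browser console");
  return {
    name: reportOnly ? "Content-Security-Policy-Report-Only" : "Content-Security-Policy",
    value: parts.join("; "),
    warnings,
  };
}

// Constructed sample policy; cdn.example.com and /csp-report are placeholders.
const policy = {
  "default-src": ["self"],
  "script-src": ["self", "https://cdn.example.com"],
  "img-src": ["self", "data:"],
  "connect-src": ["none"],
};
const trial = buildCsp(policy, { reportOnly: true, reportUri: "/csp-report" });
console.log(`${trial.name}: ${trial.value}`);
```

Once the collected reports show no legitimate content being flagged, calling buildCsp with the same policy and reportOnly left false yields the enforcing header.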