CSP Header Generator
Generate a Content Security Policy header for your web application.
Fallback for all fetch directives
Valid JavaScript sources
Valid CSS sources
Valid image sources
Valid XHR/fetch targets
Valid font sources
Valid iframe sources
Valid plugin sources
Frequently Asked Questions
- CSP is an HTTP header that tells browsers which sources of content are allowed. It prevents XSS attacks by blocking unauthorized scripts, styles, and other resources.
Related Tools
Password Strength CheckerCheck password strength and crack time estimateAES EncryptionEncrypt and decrypt text with AES-256 in your browserTOTP / 2FA GeneratorGenerate TOTP codes from a secret key (Google Authenticator compatible)SHA-256 GeneratorGenerate SHA-256 hashes from any textMD5 GeneratorGenerate MD5 hashes for checksums and fingerprintingSalt GeneratorGenerate cryptographic salt values for password hashingJWT BuilderBuild and sign JWT tokens with a custom payload and secretXOR CipherEncrypt or decrypt text with a XOR key