🛡️
CSP Generator
devnestio
← All Tools
Quick Presets
🔒 Strict
🛡️ Moderate
⚡ SPA / CDN
🔌 API Only
Directives
⚠️
unsafe-inline
or
unsafe-eval
significantly weakens CSP protection. Consider using nonces or hashes instead.
Generated CSP Header
Content-Security-Policy:
Copy Header
Copy Value Only
Reset
Usage Examples
HTTP Header (server-side):
Content-Security-Policy:
default-src 'self'
HTML Meta Tag:
<meta http-equiv="Content-Security-Policy"
content="
default-src 'self'
">
Stats
0 directives enabled
0 characters
Copied!