7 votes

Easy Content-Security-Policy

This package adds easily-configured Content Security Policy (CSP) headers to your website. The Content-Security-Policy header's use is to prevent events like cross-site scripting, clickjacking, and other code injection attacks that might be executed by malitious content that your website trusts. Let's make it only trust what we want it to!

Since most added scripts, fonts, images, objects, or other items that would be limited by a Content-Security-Policy header are added by front-end developers, the goal of this package is to make it easy for a developer to add new policies when needed without having to parse complicated web.config files or dive into a custom HttpModule (which is what this package makes for you!).

For more information on CSPs, feel free to check out these handy references!


Archived files


Source code

Package owner



Offroadcode has 396 karma points

Package Compatibility

This package is compatible with the following versions as reported by community members who have downloaded this package:
Untested or doesn't work on Umbraco Cloud
Version 8.18.x (untested)

You must login before you can report on package compatibility.

Previously reported to work on versions:

Package Information

  • Package owner: Offroadcode
  • Contributors: Janae Cram
  • Created: 27/03/2018
  • Current version 1.0.0
  • .NET version 4.5
  • License MIT
  • Downloads on Our: 431

External resources