7 votes
Easy Content-Security-Policy
This package adds easily-configured Content Security Policy (CSP) headers to your website. The Content-Security-Policy header's use is to prevent events like cross-site scripting, clickjacking, and other code injection attacks that might be executed by malitious content that your website trusts. Let's make it only trust what we want it to!
Since most added scripts, fonts, images, objects, or other items that would be limited by a Content-Security-Policy header are added by front-end developers, the goal of this package is to make it easy for a developer to add new policies when needed without having to parse complicated web.config files or dive into a custom HttpModule (which is what this package makes for you!).
For more information on CSPs, feel free to check out these handy references!
- Package Documentation
- Introduction to Content-Security-Policy by Scott Helme
- Securing Your Umbraco Site by Sebastiaan Janssen
- MDN Content-Security-Policy Web Docs
Screenshots
- Package Files
- Documentation
- Archived Files
Package files
Archived files
Documentation
Source code
Package owner
Package Compatibility
This package is compatible with the following versions as reported by community members who have downloaded this package:
Untested or doesn't work on Umbraco Cloud
Version 8.18.x (untested)
You must login before you can report on package compatibility.
Previously reported to work on versions:
Package Information
- Package owner: Offroadcode
- Contributors: Janae Cram
- Created: 27/03/2018
- Current version 1.0.0
- .NET version 4.5
- License MIT
- Downloads on Our: 431