Content-Security-Policy editor

What is Content-Security-Policy header

Content-Security-Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft, to site defacement, to malware distribution. To enable CSP, you need to configure your web server to return the Content-Security-Policy HTTP header.

Content-Security-Policy editor

This tool helps you parse, edit, and generate a complex CSP policy easily. If you want to test the CSP policy, you can load the CSP policy below to your web server. You can also preview the change using ModHeader.

Directive Value
Content-Security-Policy: default-src 'self'
Want to add this Import to ModHeader button to your own website? Simply copy-and-paste the HTML tag below.
<iframe src="undefined" frameborder="0" width="180px" height="40px" title="Import to ModHeader"></iframe>
Learn more about ModHeader embed button