DevTools.run

CSP Generator

Generate Content Security Policy headers. Toggle directives and sources visually. Copy as HTTP header or meta tag.

default-src

script-src

style-src

img-src

font-src

connect-src

frame-src

media-src

object-src

base-uri

form-action

frame-ancestors

worker-src

manifest-src

Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' https://fonts.gstatic.com; connect-src 'self'; frame-src 'none'; object-src 'none'; base-uri 'self'; form-action 'self'
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' https://fonts.gstatic.com; connect-src 'self'; frame-src 'none'; object-src 'none'; base-uri 'self'; form-action 'self'">

What is CSP?

Content Security Policy (CSP) mitigates XSS attacks by restricting which sources the browser may load resources from. Deliver it as an HTTP response header or in a meta tag.
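To check a generated policy before deploying it, the added example below (not DevTools.run code) parses the header value shown on this page, resolves which source list the browser actually enforces for a directive, flags weak spots, and builds the meta-tag form. The function names (`parseCsp`, `effective`, `review`, `toMeta`) are hypothetical; the fallback and meta-tag rules follow the CSP Level 3 specification.

```javascript
// Added example. POLICY is the header value shown on this page.
const POLICY = "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; " +
  "img-src 'self' data: https:; font-src 'self' https://fonts.gstatic.com; connect-src 'self'; " +
  "frame-src 'none'; object-src 'none'; base-uri 'self'; form-action 'self'";
// These never inherit from default-src; if absent, nothing is restricted.
const NO_FALLBACK = ["base-uri", "form-action", "frame-ancestors"];
// Fallback chains that differ from the plain "use default-src" rule.
const CHAINS = { "worker-src": ["child-src", "script-src"], "frame-src": ["child-src"] };
// Browsers ignore these when the policy is delivered in a <meta> element.
const META_IGNORED = ["frame-ancestors", "sandbox", "report-uri"];

function parseCsp(policy) {
  const out = new Map();
  for (const part of policy.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    const key = name.toLowerCase();
    if (key && !out.has(key)) out.set(key, sources); // duplicates: first one wins
  }
  return out;
}

// Source list the browser enforces for `name`, or null when unrestricted.
function effective(d, name) {
  if (NO_FALLBACK.includes(name)) return d.get(name) ?? null;
  const chain = [name, ...(CHAINS[name] ?? []), "default-src"];
  const hit = chain.find((n) => d.has(n));
  return hit ? d.get(hit) : null;
}

function review(policy) {
  const d = parseCsp(policy), findings = [];
  for (const name of NO_FALLBACK)
    if (!d.has(name)) findings.push(`${name}: not set, default-src does not cover it`);
  for (const [name, sources] of d) {
    // A nonce or hash makes browsers ignore 'unsafe-inline' in the same list.
    const strict = sources.some((s) => /^'(nonce|sha(256|384|512))-/.test(s));
    if (sources.includes("'unsafe-inline'") && !strict) findings.push(`${name}: 'unsafe-inline'`);
    for (const s of sources)
      if (s === "*" || /^[a-z][a-z0-9+.-]*:$/i.test(s)) findings.push(`${name}: broad source ${s}`);
  }
  return findings;
}
// Build the <meta> form, dropping directives that have no effect there.
function toMeta(policy) {
  const d = parseCsp(policy), kept = [], dropped = [];
  for (const [name, sources] of d)
    (META_IGNORED.includes(name) ? dropped : kept).push([name, ...sources].join(" "));
  return { tag: `<meta http-equiv="Content-Security-Policy" content="${kept.join("; ")}">`, dropped };
}
```

For the policy on this page, `review(POLICY)` reports the missing `frame-ancestors`, the `'unsafe-inline'` in `style-src`, and the scheme-wide `data:` and `https:` sources in `img-src`.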