CSP Generator & Evaluator

CSP Generator & Evaluator

Build and validate Content Security Policy headers with a visual interface. Generate CSP headers by selecting directives and source values, or evaluate existing policies by pasting them for syntax validation and security analysis.

使い方

Generate mode: Select a preset (Strict, Moderate, or Permissive) or customize individual directives like default-src, script-src, style-src, and more. Toggle options like upgrade-insecure-requests and Report-Only mode. Click Generate to produce a complete CSP header.

Evaluate mode: Paste an existing CSP header string to parse all directives, identify security warnings (like unsafe-inline usage), and receive an overall security rating.

特徴

• Visual CSP Builder – Configure all CSP Level 3 directives through an intuitive form interface
• Security Presets – Start with Strict, Moderate, or Permissive templates and customize from there
• CSP Evaluation – Parse and analyze existing CSP headers for syntax issues and security weaknesses
• Security Warnings – Highlights risky patterns like unsafe-inline, unsafe-eval, and wildcard sources
• 複数の出力形式 – Get your CSP as an HTTP header or HTML meta tag, ready to copy
• Report-Only Mode – Generate Content-Security-Policy-Report-Only headers for testing without enforcement
• Security Rating – Receive an overall Strict/Moderate/Permissive/Weak rating for evaluated policies
• Client-Side Only – All generation and evaluation happens in your browser