CSP Generator & Evaluator
Guide
CSP Generator & Evaluator
Build and validate Content Security Policy headers with a visual interface. Generate CSP headers by selecting directives and source values, or evaluate existing policies by pasting them for syntax validation and security analysis.
How to Use
Generate mode: Select a preset (Strict, Moderate, or Permissive) or customize individual directives like default-src, script-src, style-src, and more. Toggle options like upgrade-insecure-requests and Report-Only mode. Click Generate to produce a complete CSP header.
Evaluate mode: Paste an existing CSP header string to parse all directives, identify security warnings (like unsafe-inline usage), and receive an overall security rating.
Features
- Visual CSP Builder – Configure all CSP Level 3 directives through an intuitive form interface
- Security Presets – Start with Strict, Moderate, or Permissive templates and customize from there
- CSP Evaluation – Parse and analyze existing CSP headers for syntax issues and security weaknesses
- Security Warnings – Highlights risky patterns like unsafe-inline, unsafe-eval, and wildcard sources
- Multiple Output Formats – Get your CSP as an HTTP header or HTML meta tag, ready to copy
- Report-Only Mode – Generate Content-Security-Policy-Report-Only headers for testing without enforcement
- Security Rating – Receive an overall Strict/Moderate/Permissive/Weak rating for evaluated policies
- Client-Side Only – All generation and evaluation happens in your browser
Install Our Extensions
Add IO tools to your favorite browser for instant access and faster searching
恵 Scoreboard Has Arrived!
Scoreboard is a fun way to keep track of your games, all data is stored in your browser. More features are coming soon!
Must-Try Tools
View All New Arrivals
View AllUpdate: Our latest tool was added on Mar 11, 2026
Get Involved
Help us continue providing valuable free tools
