CSP Generator allows developers, IT teams, and security experts to easily generate a Content Security Policy (CSP) for a public, or internal site - mitigating against client-side attacks like XSS, Clickjacking, Formjacking, Data Exfiltration and more.
The extension runs with similar logic as the rapidsec.com CSP generator, and is built combining years of cumulative best practice with the Content-Security-Policy technology and how to most effectively block client-side attacks.
When deploying the generated policies - you must first use the CSP report-only mode, with a proper reporting endpoint (sign up at RapidSec.com).
This is a free tool to help you on your CSP journey, and RapidSec provides no guarantees or warranties for it.
If you are looking to automate the deployment of Content-Security-Policy (CSP), along with other important security controls (SameSite, Security headers), you can use RapidSec.com .
谷歌浏览器、其他Chromium内核的浏览器
为打击盗链困扰,本站已启用人机验证
微信扫码关注左侧公众号,发送“插件”二字获得验证码,验证码5分钟全站有效