CSP Header Generator
Generate Content-Security-Policy headers from directives with support for all CSP directives, upgrade-insecure-requests, and report-uri.
How to Use CSP Header Generator
The CSP Header Generator helps you build Content-Security-Policy headers by configuring individual directives through a visual interface. Set values for default-src, script-src, style-src, img-src, and other directives using standard CSP values like self, none, unsafe-inline, or specific domains. The tool generates both the HTTP header format and HTML meta tag format. Enable upgrade-insecure-requests or block-all-mixed-content with checkboxes. Essential for web developers implementing security headers to prevent XSS, clickjacking, and other injection attacks.
Step-by-Step Instructions
- Configure each CSP directive with allowed sources
- Optionally enable upgrade-insecure-requests or block-all-mixed-content
- Add a report-uri if you want violation reports
- Copy the generated HTTP header or meta tag
Related Tools
JSON Formatter and Validator
Format, validate, and pretty-print JSON with syntax highlighting.
Base64 Encoder and Decoder
Encode text to Base64 or decode Base64 strings back to plain text.
URL Encoder and Decoder
Encode special characters for URLs or decode percent-encoded strings.
HTML Entity Encoder and Decoder
Encode special characters as HTML entities or decode them back.