kenshodigital / kirby-csp
Adds a strict policy CSP header to Kirby projects.
Installs: 17
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 1
Forks: 0
Open Issues: 0
Type:kirby-plugin
Requires
- php: ^8.3
- getkirby/cms: ^4.1
- getkirby/composer-installer: ^1.2
README
Adds a strict policy CSP header to Kirby projects.
General
Uses Kirby’s native nonce feature (used for the panel) to add a strict nonce-based content security policy header to all Kirby responses.
Installation
composer require kenshodigital/kirby-csp ^1.0
Usage
The plugin is not configurable and just follows the latest best practices.
However, scripts in your frontend are expected to include a nonce and the Kirby docs already provide a good example for this.
<script nonce="<?= $kirby->nonce() ?>">…</script>