kenshodigital/kirby-csp

Adds a strict policy CSP header to Kirby projects.

Type: kirby-plugin

1.0.0 2024-03-17 18:05 UTC

This package is auto-updated.

Last update: 2024-12-17 19:50:57 UTC


README

General

Uses Kirby’s native nonce feature (used for the panel) to add a strict nonce-based content security policy header to all Kirby responses.

Installation

composer require kenshodigital/kirby-csp ^1.0

Usage

The plugin is not configurable and just follows the latest best practices.

However, scripts in your frontend are expected to include a nonce, and the Kirby docs already provide a good example of this:

<script nonce="<?= $kirby->nonce() ?>"></script>
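
A nonce-based policy blocks every script tag that lacks the matching nonce, so templates are worth auditing before the header goes live. The check below is an added example, not code from the plugin or from Kirby; the function names are hypothetical, and the sample header and markup are constructed and only assume the usual strict-CSP shape, not the plugin's exact output.

```php
<?php
// Added example: finds <script> tags that a nonce-based CSP would block.

/** Return the nonce from script-src (falling back to default-src), or null. */
function cspScriptNonce(string $csp): ?string
{
    $directives = [];
    foreach (explode(';', $csp) as $part) {
        $tokens = preg_split('/\s+/', trim($part), -1, PREG_SPLIT_NO_EMPTY);
        if ($tokens) {
            // Directive names are case-insensitive; a repeated directive is ignored.
            $name = strtolower(array_shift($tokens));
            $directives[$name] ??= $tokens;
        }
    }
    foreach ($directives['script-src'] ?? $directives['default-src'] ?? [] as $source) {
        if (preg_match('~^\'nonce-([A-Za-z0-9+/_-]+={0,2})\'$~', $source, $m)) {
            return $m[1];
        }
    }
    return null;
}

/** List every <script> in the HTML whose nonce attribute does not match. */
function scriptsMissingNonce(string $html, string $nonce): array
{
    $doc = new DOMDocument();
    $doc->loadHTML($html, LIBXML_NOERROR | LIBXML_NOWARNING);
    $blocked = [];
    foreach ($doc->getElementsByTagName('script') as $script) {
        if ($script->getAttribute('nonce') !== $nonce) {   // nonces are case-sensitive
            $blocked[] = $script->getAttribute('src') ?: 'inline script, line ' . $script->getLineNo();
        }
    }
    return $blocked;
}

// Constructed sample response: header value and markup are assumptions.
$header = "script-src 'nonce-c2FtcGxlLW5vbmNl' 'strict-dynamic'; object-src 'none'; base-uri 'none'";
$html = <<<'HTML'
<!doctype html><html><head>
<script nonce="c2FtcGxlLW5vbmNl" src="/assets/app.js"></script>
<script src="/assets/analytics.js"></script>
<script>console.log('no nonce')</script>
</head><body></body></html>
HTML;

$nonce = cspScriptNonce($header);
print_r($nonce === null ? ['no nonce found in script-src'] : scriptsMissingNonce($html, $nonce));
```

In practice, feed it the `Content-Security-Policy` header and body of a real response from your site; any entry it lists needs the `nonce` attribute added in the template.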