
Security News
Bun 1.2.19 Adds Isolated Installs for Better Monorepo Support
Bun 1.2.19 introduces isolated installs for smoother monorepo workflows, along with performance boosts, new tooling, and key compatibility fixes.
csp-helper
Advanced tools
Helpers for creating Content Security Policy (CSP) headers.
npm install csp-helper
createCspHeader
Create a CSP header string from a CSP configuration object.
import {
CSP_PRESET_DATADOG_INTAKE_URLS,
CSP_PRESET_DATADOG_WEB_WORKER,
CSP_PRESET_GOOGLE_ANALYTICS_4,
CSP_PRESET_GOOGLE_TAG_MANAGER_UNSAFE_INLINE,
CSP_PRESET_HOTJAR,
createCspHeader,
} from 'csp-helper';
const cspHeader = createCspHeader(
{
'default-src': `'self'`,
'script-src': `'self' https://example.com`,
'style-src': `'self' https://example.com`,
},
{
includeHeaderName: true,
presets: [
CSP_PRESET_DATADOG_INTAKE_URLS,
CSP_PRESET_DATADOG_WEB_WORKER,
CSP_PRESET_GOOGLE_ANALYTICS_4,
CSP_PRESET_GOOGLE_TAG_MANAGER_UNSAFE_INLINE,
CSP_PRESET_HOTJAR,
],
},
);
console.log(cspHeader);
mergeCspConfigs
Merge multiple CSP configurations into one.
import {
CSP_PRESET_GOOGLE_ANALYTICS_4,
CSP_PRESET_GOOGLE_TAG_MANAGER_UNSAFE_INLINE,
mergeCspConfigs,
} from 'csp-helper';
const cspConfig = mergeCspConfigs([
{
'default-src': `'self'`,
'script-src': `'self' https://example.com`,
'style-src': `'self' https://example.com`,
},
{
'script-src': `'self' https://example.com https://example2.com`,
'style-src': `'self' https://example.com https://example2.com`,
},
CSP_PRESET_GOOGLE_ANALYTICS_4,
CSP_PRESET_GOOGLE_TAG_MANAGER_UNSAFE_INLINE,
]);
console.log(cspConfig);
MIT © meteorlxy & Contributors
FAQs
Helpers for managing Content Security Policy (CSP)
The npm package csp-helper receives a total of 23 weekly downloads. As such, csp-helper popularity was classified as not popular.
We found that csp-helper demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Bun 1.2.19 introduces isolated installs for smoother monorepo workflows, along with performance boosts, new tooling, and key compatibility fixes.
Security News
Popular npm packages like eslint-config-prettier were compromised after a phishing attack stole a maintainer’s token, spreading malicious updates.
Security News
/Research
A phishing attack targeted developers using a typosquatted npm domain (npnjs.com) to steal credentials via fake login pages - watch out for similar scams.