content-security-policy
JSON →Express/Connect middleware for setting Content-Security-Policy HTTP headers according to the W3C CSP specification (v0.3.4). This library provides helper constants (SRC_NONE, SRC_SELF, SRC_DATA) and a convenient getCSP() function to generate middleware for global or route-specific policies. It is minimal and focused solely on CSP headers, unlike more comprehensive security packages such as helmet (which includes CSP as one of many middleware). The package requires Node >= 0.4.0 and has no external dependencies, making it lightweight and easy to integrate into existing Express applications. The API is stable but the package has not seen updates since 2018; consider evaluating its suitability for modern CSP requirements.
Traffic · last 30 days ↓87% vs prev 7d
top countries 🇺🇸 United States · 🇸🇬 Singapore · 🇩🇪 Germany · 🇨🇦 Canada · VN