checklist.day

csp-html-linter

JSON →
library 1.0.13 ·javascript
verified May 1, 2026
testingauth-securitydevops

A tool to lint HTML files for potential Content Security Policy (CSP) violations, targeting inline styles, inline JavaScript, style tags without nonce, and script tags without nonce. Current stable version is 1.0.13. It is designed to be used as a build step to catch violations early. Differentiators: simple CLI and programmatic API, zero dependencies, returns violations as array or detailed objects with location info. Offers a narrow but focused set of checks, suitable for integration into CI pipelines.

Traffic · last 30 days ↑33% vs prev 7d · indexed Fri May 01 · updated Mon Jun 15

total hits 26
actors 7 distinct systems
last hit 2d ago Amazonbot
ByteDance
9
Amazonbot
3
MetaBot
3
GPTBot
2
Script
1
Humans
2

top countries 🇸🇬 Singapore · 🇺🇸 United States · 🇨🇦 Canada · 🇫🇷 France · 🇮🇳 India

Resources

githubgithub.com/mdownes/csp-html-linter ↗
packagewww.npmjs.com/package/csp-html-linter ↗

API endpoints

full doc /v1/registry/csp-html-linter
install /v1/registry/csp-html-linter/install