{"library":"content-security-policy","type":"library","category":null,"description":"Express/Connect middleware for setting Content-Security-Policy HTTP headers according to the W3C CSP specification (v0.3.4). This library provides helper constants (SRC_NONE, SRC_SELF, SRC_DATA) and a convenient getCSP() function to generate middleware for global or route-specific policies. It is minimal and focused solely on CSP headers, unlike more comprehensive security packages such as helmet (which includes CSP as one of many middleware). The package requires Node >= 0.4.0 and has no external dependencies, making it lightweight and easy to integrate into existing Express applications. The API is stable but the package has not seen updates since 2018; consider evaluating its suitability for modern CSP requirements.","language":"javascript","status":"maintenance","version":"0.3.4","tags":["javascript","express","connect","content-security-policy","security","csp"],"last_verified":"Wed May 27","install":[{"cmd":"npm install content-security-policy","imports":["const csp = require('content-security-policy');","const { SRC_NONE } = require('content-security-policy');","const { getCSP } = require('content-security-policy');"]},{"cmd":"yarn add content-security-policy","imports":[]},{"cmd":"pnpm add content-security-policy","imports":[]}],"homepage":null,"github":"https://github.com/samuelerdtman/content-security-policy","docs":null,"changelog":null,"pypi":null,"npm":"https://www.npmjs.com/package/content-security-policy","openapi_spec":null,"status_page":null,"smithery":null,"compatibility":{"summary":{"python_range":"18–22","success_rate":0,"avg_install_s":null,"avg_import_s":null,"wheel_type":null},"url":"https://checklist.day/v1/registry/content-security-policy/compatibility"}}