go-csp-util

Content-Security-Policy utils, i.e. CSP parser in compliance with the W3C CSP Level 2 and CSP Level 3 specs.

ABNF
see https://www.w3.org/TR/CSP2/#policy-syntax and https://www.w3.org/TR/CSP3/#framework

serialized-policy    = serialized-directive *( OWS ";" [ OWS serialized-directive ] )
serialized-directive = directive-name [ RWS directive-value ]
directive-name       = 1*( ALPHA / DIGIT / "-" )
directive-value      = *( %x09 / %x20-%x2B / %x2D-%x3A / %x3C-%7E )
                       ; Directive values may contain whitespace and VCHAR characters,
                       ; excluding ";" and ","

Usage

import "github.com/templarbit/go-csp-util"

directives, err := csp.ParseDirectives("default-src 'self'; script-src 'self'; object-src 'self'; base-uri 'none'; report-uri https://ingest.templarbit.com/csp-reports")

Docs

Chromium Content Security Policy implementation https://cs.chromium.org/chromium/src/content/common/content_security_policy/?type=cs&sq=package:chromium

Name		Name	Last commit message	Last commit date
Latest commit History 30 Commits
.gitignore		.gitignore
.travis.yml		.travis.yml
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
csp.go		csp.go
csp_test.go		csp_test.go
error.go		error.go
go.mod		go.mod
report.go		report.go
report_test.go		report_test.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

go-csp-util

Usage

Docs

About

Releases

Packages

Contributors 2

Languages

License

templarbit/go-csp-util

Folders and files

Latest commit

History

Repository files navigation

go-csp-util

Usage

Docs

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages