Module Description
The Content-Security-Policy header allows your Drupal site to inform browsers of trusted sources for JavaScript, CSS, and other external resources. This adds a security layer to detect and mitigate the risk of Cross Site Scripting (XSS), data injection, and other vulnerabilities.

Features
* Integrates with Drupal's Libraries API to automatically generate a default site-wide policy for JavaScript and CSS
* Up-to-date with the latest CSP Level 3 Working Draft
* Policy is automatically optimized to remove duplicate directives and reduce header length
* Dispatches an event to allow other modules to alter policies for each request
* Policy Violation logging integrations:
* Reporting module
* Sentry (via Raven module)
* Report-URI.com


* For Drupal core < 10.1
* Automatically adds 'unsafe-inline' to individual requests when necessary for core libraries (core/ckeditor, core/drupal.ajax)
* The included Content Security Policy Extras module provides additional security hardening by altering core services.



Get Involved If you're interested in getting involved in module development but don't know where to start, reach out to gapple (@gappleca on Twitter).

Module Link
https://www.drupal.org/node/2894991
Project Usage
12465
Creation Date
Changed Date
Security Covered
Covered By Security Advisory
Version Available
Production
Module Summary
The Content-Security-Policy module aims to enhance Drupal site security by implementing a policy to inform browsers of trusted sources for external resources, reducing the risk of XSS, data injection, and other vulnerabilities.
Data Name
csp

OPENAI CHATBOT

OPENAI CHATBOT

12:18:55
Generic Chatbot
Hi, I'm a Drupal module expert powered by OpenAI, answering your questions about the Drupal module ecosystem. How can I be helpful today? Please note that we will log your question.

The entire project can be downloaded and setup via https://gitlab.com/freelygive/demos/module-bot