
Show HN: CSP-Builder – Content Security Policy Headers Made Easy - CiPHPerCoder
https://github.com/paragonie/csp-builder
======
CiPHPerCoder
This was written in PHP and intended for PHP projects, but porting it to
another language shouldn't be too challenging. (If you like it and want
something ported to your favorite language, let me know.)

CSP-Builder allows several use cases:

1\. Generating a static CSP header from a static JSON file to store in the
webserver configuration (saving developers from having to learn the syntax of
the header).

2\. Generating a static CSP from a dynamic JSON (allow users to add domains to
the whitelist by updating the JSON file).

3\. Generating dynamic JSON (e.g. for nonce and hash directives).

There are two branches:

    
    
      master -- Requires PHP 7 and uses strict typing
      v1.x   -- Supports PHP 5
    

If you have to work with PHP projects, definitely consider integrating CSP-
Builder into your workflow. We've integrated it with our open source CMS,
Airship (and provided a web interface for managing the whitelist).

