kenshodigital / kirby-csp

Adds a strict CSP header to Kirby projects.

Maintainers

Package info

github.com/kenshodigital/kirby-csp

Type:kirby-plugin

pkg:composer/kenshodigital/kirby-csp

Statistics

Installs: 4

Dependents: 0

Suggesters: 0

Stars: 0

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

2.0.1 2026-06-16 16:23 UTC

Requires

Requires (Dev)

None

Suggests

None

Provides

None

Conflicts

None

Replaces

None

MIT 7f9edddae997e97ecea865cb10c413faa25345fe

kenshō digital <mail.woop@kensho.digital>

security cms csp kirby

dev-main
2.x-dev
2.0.1
2.0.0
1.x-dev
1.1.1
1.1.0
1.0.0

This package is auto-updated.

Last update: 2026-06-16 18:50:35 UTC

README

Adds a strict CSP header to Kirby projects.

General

Uses Kirby’s native nonce feature (used for the panel) to add a strict nonce-based content security policy header to HTML pages.

Usage

Installation

composer require kenshodigital/kirby-csp ^2.0

Setup

The plugin is not configurable and just follows the latest best practices.

script-src 'nonce-[…]' 'strict-dynamic'; object-src 'none'; base-uri 'none';

Development

However, scripts in your frontend are expected to include a nonce, like this.

<script nonce="<?= $kirby->nonce() ?>">
  …
</script>

kenshodigital / kirby-csp

Maintainers

Package info

Statistics

Security

README

General

Further reading

Usage

Installation

Setup

Development