springtimesoft / silverstripe-csp-suite
A set of tools for managing CSP in Silverstripe CMS projects.
Type: silverstripe-vendormodule
Requires
- php: ^8.1
- silverstripe/admin: ^2.2
- silverstripe/framework: ^5.2.12
- silverstripe/reports: ^5.2
- silverstripeltd/silverstripe-csp: ^2.1
Suggests
- symbiote/silverstripe-queuedjobs: Required for regular cleanup of CSP violations.
This package is auto-updated.
Last update: 2024-10-30 02:49:02 UTC
README
This module bundles a set of tools to help you implement and manage a Content Security Policy (CSP) and related security elements for your Silverstripe project.
Architecture and acknowledgements
This module sits atop silverstripeltd/silverstripe-csp, which provides a clean and highly adaptable API for defining CSP rules, and adds subresource integrity (SRI) and nonce support to the Requirements API to make compliance simple.
We then build upon this with CMS-based mode settings, violation report collection, and a report UI within the CMS, much of which is adapted from the signify-nz/silverstripe-security-headers module.
Each of those projects has unique strengths and functionality, and this module aims to provide a comprehensive CSP solution combining the best elements of both.
Requirements
- Silverstripe CMS ^5.2 (eager-loading support required)
Installation
composer require springtimesoft/silverstripe-csp-suite
composer require symbiote/silverstripe-queuedjobs # Optional but strongly recommended
This module relies on Queued Jobs to perform regular cleanup tasks. Without a job runner configured, excessive records will build up over time if CSP violations are regularly triggered. The cleanup jobs are configured to run automatically once a day when Queued Jobs is operational.
License
See License.