springtimesoft/silverstripe-csp-suite

A set of tools for managing CSP in Silverstripe CMS projects.

Type: silverstripe-vendormodule

1.0.0-beta5 2024-10-30 02:47 UTC

README

This module bundles a set of tools to help you implement and manage a Content Security Policy (CSP) and related security elements for your Silverstripe project.

Architecture and acknowledgements

This module sits atop silverstripeltd/silverstripe-csp, which provides a clean and highly adaptable API for defining CSP rules, and adds subresource integrity (SRI) and nonce support to the Requirements API to make compliance simple. We then build upon this with CMS-based mode settings, violation report collection, and a report UI within the CMS, much of which is adapted from the signify-nz/silverstripe-security-headers module.

Each of those projects has unique strengths and functionality, and this module aims to provide a comprehensive CSP solution combining the best elements of both.

Requirements

Installation

composer require springtimesoft/silverstripe-csp-suite
composer require symbiote/silverstripe-queuedjobs # Optional but strongly recommended

This module relies on Queued Jobs to perform regular cleanup tasks. Without a job runner configured, excessive records will build up over time if CSP violations are regularly triggered. The cleanup jobs are configured to run automatically once a day when Queued Jobs is operational.

License

See License.

Documentation