yireo/magento2-csp-inspector

Magento module to help with inspecting CSP headers

Installs: 7

Dependents: 0

Suggesters: 0

Security: 0

Stars: 4

Watchers: 1

Forks: 0

Type:magento2-module

1.0.4 2024-09-12 13:56 UTC

This package is auto-updated.

Last update: 2024-10-12 14:14:21 UTC


README

Simple CLI tool to inspect the current CSP headers of a specified Magento URL and report back the values - because it is too cumbersome to search for values in the browser.

Please note that this tool does NOT report issues with those CSP headers, it only inspects the currently generated HTTP headers. Use other tools like SanSec Watch or the M.Academy CSP Generator to fix your CSP headers.

Installation

composer require --dev yireo/magento2-csp-inspector
bin/magento module:enable Yireo_CspInspector

Usage

Report all policies and the mode of the homepage:

bin/magento csp:inspect

Report all policies and the mode of the cart-page:

bin/magento csp:inspect checkout/cart

Report all policy values for the policy script-src on the homepage:

bin/magento csp:inspect:policy script-src