yireo / magento2-csp-inspector

Magento module to help with inspecting CSP headers

Maintainers

Details

github.com/yireo/Yireo_CspInspector

Source

Installs: 6

Dependents: 0

Suggesters: 0

Security: 0

Stars: 4

Watchers: 1

Forks: 0

Type:magento2-module

1.0.4 2024-09-12 13:56 UTC

Requires

magento/framework: ^102.0|^103.0

Requires (Dev)

None

Suggests

None

Provides

None

Conflicts

None

Replaces

None

OSL-3.0 bc7439544f87466e907dd1f85bc5f7bbe1d699af

dev-master
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0

This package is auto-updated.

Last update: 2024-09-12 13:56:44 UTC

README

Simple CLI tool to inspect the current CSP headers of a specified Magento URL and report back the values - because it is too cumbersome to search for values in the browser.

Please note that this tool does NOT report issues with those CSP headers, it only inspects the currently generated HTTP headers. Use other tools like SanSec Watch or the M.Academy CSP Generator to fix your CSP headers.

Installation

composer require --dev yireo/magento2-csp-inspector
bin/magento module:enable Yireo_CspInspector

Usage

Report all policies and the mode of the homepage:

bin/magento csp:inspect

Report all policies and the mode of the cart-page:

bin/magento csp:inspect checkout/cart

Report all policy values for the policy script-src on the homepage:

bin/magento csp:inspect:policy script-src