🔐 CSP Header Builder
Nonce Generator
🔄 Generate
Policy
default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests
✅ Validate
📋 Copy
Validation
Quick Add
self
none
unsafe-inline
unsafe-eval
https:
data:
blob:
googleapis
cloudflare