Drupal is a registered trademark of Dries Buytaert
cms 2.1.1 Update released for Drupal core (2.1.1)! drupal 11.3.6 Update released for Drupal core (11.3.6)! drupal 10.6.6 Update released for Drupal core (10.6.6)! cms 2.1.0 Update released for Drupal core (2.1.0)! bootstrap 8.x-3.40 Minor update available for theme bootstrap (8.x-3.40). menu_link_attributes 8.x-1.7 Minor update available for module menu_link_attributes (8.x-1.7). moderated_content_bulk_publish 2.0.52 Minor update available for module moderated_content_bulk_publish (2.0.52). klaro 3.0.10 Minor update available for module klaro (3.0.10). klaro 3.0.9 Minor update available for module klaro (3.0.9). layout_paragraphs 2.1.2 Minor update available for module layout_paragraphs (2.1.2). geofield_map 11.1.8 Minor update available for module geofield_map (11.1.8). editoria11y 2.2.22 Minor update available for module editoria11y (2.2.22). ai 1.2.13 Minor update available for module ai (1.2.13). ai 1.3.2 Minor update available for module ai (1.3.2). moderated_content_bulk_publish 2.0.51 Minor update available for module moderated_content_bulk_publish (2.0.51). moderated_content_bulk_publish 2.0.50 Minor update available for module moderated_content_bulk_publish (2.0.50). editoria11y 2.2.21 Minor update available for module editoria11y (2.2.21). eca 3.1.0 Minor update available for module eca (3.1.0). sophron 3.1.1 Minor update available for module sophron (3.1.1). ai 1.3.1 Minor update available for module ai (1.3.1).
← All modules

csp

20,614 sites Security covered
View on drupal.org

The Content-Security-Policy header allows your Drupal site to inform browsers of trusted sources for JavaScript, CSS, and other external resources. This adds a security layer to detect and mitigate the risk of Cross Site Scripting (XSS), data injection, and other vulnerabilities.

Features

  • Integrates with Drupal's Libraries API to automatically generate a default site-wide policy for JavaScript and CSS
  • Up-to-date with the latest CSP Level 3 Working Draft
  • Policy is automatically optimized to remove duplicate directives and reduce header length
  • Dispatches an event to allow other modules to alter policies for each request
  • Policy Violation logging integrations:

Activity

Total releases
2
First release
Mar 2025
Latest release
1 year ago
Release cadence
1 day
Stability
100% stable

Releases

Version Type Release date
2.2.2 Stable Mar 13, 2025
8.x-1.40 Stable Mar 12, 2025