Get Started in Seconds
Install CSPctl and start protecting your web applications with Content Security Policy
Quick Install
curl -fsSL https://install.cspctl.com/install.sh | shAfter installation, verify with: cspctl --version
Why CSP?
Three Powerful Reasons to Adopt CSP
Content Security Policy is your first line of defense against web vulnerabilities. Here's how our utility makes CSP implementation simple and effective.
Prevent XSS Attacks
Block malicious script injection and protect your users from cross-site scripting vulnerabilities.
Usage:
Initialize CSP policy: cspctl init
Set script sources: cspctl allow-script 'self' cdn.example.com
Deploy policy: cspctl deploy --report-only
Example Policy:
script-src 'self' 'unsafe-inline' cdn.jsdelivr.net;
Debug Policy Violations
Monitor and analyze CSP violations in real-time to fine-tune your security policies.
Usage:
Start monitoring: cspctl monitor --endpoint /api/csp-report
View violations: cspctl violations list
Analyze patterns: cspctl violations analyze --last-24h
Example Policy:
Blocked 'unsafe-eval' in script-src directive
Enforce Secure Defaults
Automatically generate strict CSP policies with secure defaults for modern web applications.
Usage:
Generate strict policy: cspctl generate --strict
Test compatibility: cspctl test --url https://yoursite.com
Gradual rollout: cspctl deploy --percentage 10
Example Policy:
default-src 'none'; script-src 'self'; style-src 'self';