Skip to content

johnhunter/yaml2csp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.github/workflows
.github/workflows
 
 
examples
examples
 
 
src
src
 
 
.gitignore
.gitignore
 
 
.nvmrc
.nvmrc
 
 
index.js
index.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
readme.md
readme.md
 
 

Repository files navigation

yaml2csp

A node CLI utility for converting a yaml file to a CSP header value.

Motivation

CSP header values are often complex and it is useful to format these for readability. However, http header values need to be a single line string. By using yaml as a format we can include structure and comments.

These strings can then be used in http header configuration for servers and reverse-proxies.

Usage

  1. Create your CSP yaml file
  2. Install and run the utility
    • Either: npx @johnhunter/yaml2csp parse <yaml file>
    • Or:
      • npm install -g @johnhunter/yaml2csp
      • Then yaml2csp parse <yaml file>
  3. Copy result from the console (or specify an output file with -o)

Example

Yaml source file:

frame-ancestors:
  - 'self'
  - 'https://www.coolwebsite.com'

default-src:
  - 'self' # we can use comments!!
  - 'https://*.foo.com'

script-src:
  - 'self'
  - 'unsafe-eval'
  - 'blob:'
  - 'https://www.coolwebsite.com'
  - 'https://*.another-website.com'

img-src:
  - 'data:'
  - '*'

Generated output:

frame-ancestors 'self' https://www.coolwebsite.com; default-src 'self' https://*.foo.com; script-src 'self' 'unsafe-eval' blob: https://www.coolwebsite.com https://*.another-website.com; img-src data: *

Resources

About

A node CLI utility for converting a yaml file to a CSP header value.

www.npmjs.com/package/@johnhunter/yaml2csp

Topics

cli yaml csp

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 3

v1.0.2 Latest
Jul 14, 2024
+ 2 releases

Languages