Home

Awesome

CSP Badge CSP strict CSP friendly CSP hostile

Security Matters

<sup>Social Media Photo by Franck on Unsplash</sup>


This repository exists only to allow other repositories to add a badge about the CSP state of the module, library, or helper.

The offered SVG images are the following:


CSP strict CSP strict

The project does not need any specific CSP configuration because it does not include, use, or inject, any Function, eval, or other workarounds to evaluate anything at all, hence the security is granted to be the best possible.


CSP friendly CSP friendly

The project might need some specific CSP configuration, because it could need to use Function, eval, or any other workaround to evaluate code at runtime, hence security needs to be considered, and best practices followed.


CSP hostile CSP hostile

The project shamelessly needs, use, or pollute the running software, with Function, eval, or any other workaround to evaluate code at runtime, so that even CSP might not be enough to grant a secure execution of the program.


How to include

If your project would like to inform its users about its CSP compliancy, you can add one of these badges on top of your GitHub, GitLab, or any other service, so that it'll be instantly visible:

Markdown - Basic

![CSP strict](https://webreflection.github.io/csp/strict.svg)
![CSP friendly](https://webreflection.github.io/csp/friendly.svg)
![CSP hostile](https://webreflection.github.io/csp/hostile.svg)

Markdown - Informative

[![CSP strict](https://webreflection.github.io/csp/strict.svg)](https://webreflection.github.io/csp/#-csp-strict)
[![CSP friendly](https://webreflection.github.io/csp/friendly.svg)](https://webreflection.github.io/csp/#-csp-friendly)
[![CSP hostile](https://webreflection.github.io/csp/hostile.svg)](https://webreflection.github.io/csp/#-csp-hostile)

HTML - Basic

<img alt="CSP strict" src="https://webreflection.github.io/csp/strict.svg">
<img alt="CSP friendly" src="https://webreflection.github.io/csp/friendly.svg">
<img alt="CSP hostile" src="https://webreflection.github.io/csp/hostile.svg">

HTML - Informative

<a href="https://webreflection.github.io/csp/#-csp-strict">
  <img alt="CSP strict" src="https://webreflection.github.io/csp/strict.svg">
</a>
<a href="https://webreflection.github.io/csp/#-csp-friendly">
  <img alt="CSP friendly" src="https://webreflection.github.io/csp/friendly.svg">
</a>
<a href="https://webreflection.github.io/csp/#-csp-hostile">
  <img alt="CSP hostile" src="https://webreflection.github.io/csp/hostile.svg">
</a>