GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → WebReflection → csp

WebReflection / csp

Licence: other
Because Security Matters, and Web libraries, tools, and projects, should be more informative about their state.

Labels

securitycspbadge

Projects that are alternatives of or similar to csp

Csp Bypass
A Burp Plugin for Detecting Weaknesses in Content Security Policies
Stars: ✭ 130 (+766.67%)
Mutual labels:  csp
Csp
The source for this module has moved to the Helmet repository.
Stars: ✭ 225 (+1400%)
Mutual labels:  csp
AspNetCore6Experiments
ASP.NET Core Blazor BFF with Azure AD and Razor page
Stars: ✭ 43 (+186.67%)
Mutual labels:  csp
Asynquence
Asynchronous flow control (promises, generators, observables, CSP, etc)
Stars: ✭ 1,737 (+11480%)
Mutual labels:  csp
Sobjectizer
An implementation of Actor, Publish-Subscribe, and CSP models in one rather small C++ framework. With performance, quality, and stability proved by years in the production.
Stars: ✭ 172 (+1046.67%)
Mutual labels:  csp
octocov
octocov is a toolkit for collecting code metrics (code coverage, code to test ratio and test execution time).
Stars: ✭ 191 (+1173.33%)
Mutual labels:  badge
Venice
Coroutines, structured concurrency and CSP for Swift on macOS and Linux.
Stars: ✭ 1,501 (+9906.67%)
Mutual labels:  csp
UltimateTabLayout
A library for tab layout use with viewpager. Very useful, small
Stars: ✭ 33 (+120%)
Mutual labels:  badge
Javasecurity
Java web and command line applications demonstrating various security topics
Stars: ✭ 182 (+1113.33%)
Mutual labels:  csp
cb-tumblebug
Cloud-Barista Multi-Cloud Infra Management Framework
Stars: ✭ 33 (+120%)
Mutual labels:  csp
Chymyst Core
Declarative concurrency in Scala - The implementation of the chemical machine
Stars: ✭ 142 (+846.67%)
Mutual labels:  csp
Next Secure Headers
Sets secure response headers for Next.js.
Stars: ✭ 156 (+940%)
Mutual labels:  csp
electron-windows-badge
Electron Windows Badge plugin to access and modify the badge number of the app icon in windows.
Stars: ✭ 71 (+373.33%)
Mutual labels:  badge
Archer
基于协程Swoole的Task组件,支持多种模式。轻松实现协程Task的队列、并发、Defer、计时器等 | Swoole coroutine task kit - Swoole Humanization Library
Stars: ✭ 132 (+780%)
Mutual labels:  csp
autobadge
Simple CLI tool to generate essential repository badges with ease
Stars: ✭ 16 (+6.67%)
Mutual labels:  badge
Csp Auditor
Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
Stars: ✭ 121 (+706.67%)
Mutual labels:  csp
BadgesGenerator
A Swift playground to automatically generate personalized conference badges.
Stars: ✭ 36 (+140%)
Mutual labels:  badge
badger
Gamification platform to motivate your team with badges, adventures & other cool stuff!
Stars: ✭ 77 (+413.33%)
Mutual labels:  badge
BadgeControl
Badge view with controller written in Swift 5.0
Stars: ✭ 53 (+253.33%)
Mutual labels:  badge
VSMarketplaceBadge
Badge for Visual Studio Code Extension
Stars: ✭ 63 (+320%)
Mutual labels:  badge
View All Similar Projects ➔

CSP Badge CSP strict CSP friendly CSP hostile

Security Matters

Social Media Photo by Franck on Unsplash

This repository exists only to allow other repositories to add a badge about the CSP state of the module, library, or helper.

The offered SVG images are the following:

  • CSP strict suitable for projects that don't use eval or Function or scripts served as Blob, hence don't ever need any particular CSP rule
  • CSP friendly suitable for projects that might need particular CSP rules to fully work as expected
  • CSP hostile for all projects humble enough to declare such project is everything but secure, and inform users about the risk they might have if such project is used in production

CSP strict CSP strict

The project does not need any specific CSP configuration because it does not include, use, or inject, any Function, eval, or other workarounds to evaluate anything at all, hence the security is granted to be the best possible.

CSP friendly CSP friendly

The project might need some specific CSP configuration, because it could need to use Function, eval, or any other workaround to evaluate code at runtime, hence security needs to be considered, and best practices followed.

CSP hostile CSP hostile

The project shamelessly needs, use, or pollute the running software, with Function, eval, or any other workaround to evaluate code at runtime, so that even CSP might not be enough to grant a secure execution of the program.

How to include

If your project would like to inform its users about its CSP compliancy, you can add one of these badges on top of your GitHub, GitLab, or any other service, so that it'll be instantly visible:

Markdown - Basic

![CSP strict](https://webreflection.github.io/csp/strict.svg)
![CSP friendly](https://webreflection.github.io/csp/friendly.svg)
![CSP hostile](https://webreflection.github.io/csp/hostile.svg)

Markdown - Informative

[![CSP strict](https://webreflection.github.io/csp/strict.svg)](https://webreflection.github.io/csp/#-csp-strict)
[![CSP friendly](https://webreflection.github.io/csp/friendly.svg)](https://webreflection.github.io/csp/#-csp-friendly)
[![CSP hostile](https://webreflection.github.io/csp/hostile.svg)](https://webreflection.github.io/csp/#-csp-hostile)

HTML - Basic

<img alt="CSP strict" src="https://webreflection.github.io/csp/strict.svg">
<img alt="CSP friendly" src="https://webreflection.github.io/csp/friendly.svg">
<img alt="CSP hostile" src="https://webreflection.github.io/csp/hostile.svg">

HTML - Informative

<a href="https://webreflection.github.io/csp/#-csp-strict">
  <img alt="CSP strict" src="https://webreflection.github.io/csp/strict.svg">
</a>
<a href="https://webreflection.github.io/csp/#-csp-friendly">
  <img alt="CSP friendly" src="https://webreflection.github.io/csp/friendly.svg">
</a>
<a href="https://webreflection.github.io/csp/#-csp-hostile">
  <img alt="CSP hostile" src="https://webreflection.github.io/csp/hostile.svg">
</a>
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].