AutoCSP

Baseline & strict Content-Security-Policy suggestions with inline hash generation.

About AutoCSP

AutoCSP is an experimental tool that helps you rapidly generate and refine Content-Security-Policy (CSP) headers by analyzing a target site. It produces both a baseline and a stricter hash-only variant, highlights differences, and surfaces risk heuristics, directive stats, and deployment snippets for multiple environments.

The goal is to accelerate adoption of strong CSPs by making discovery, hashing inline code, and evaluating tradeoffs more approachable. Features like crawl-based aggregation, runtime resource discovery, policy diffing, and risk deltas are meant to give you confidence before rolling a policy out in report-only or enforcement mode.
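An added example, not AutoCSP's own code: a Python sketch of the baseline versus hash-only idea described above, deriving both script-src variants from one HTML document. The sample page, the function names and the shape of the baseline policy ('unsafe-inline' plus observed origins) are assumptions made for illustration.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample page, not taken from any real site.
SAMPLE_HTML = (
    '<html><head><script src="https://cdn.example/app.js"></script>'
    '<script>console.log("hello");</script></head><body><script>\n  init();\n</script></body></html>'
)

class ScriptCollector(HTMLParser):
    """Record external script origins and the exact text of inline scripts."""
    def __init__(self):
        super().__init__()
        self.origins, self.inline, self._buf = set(), [], None

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        attrs = dict(attrs)
        if "src" not in attrs:
            self._buf = []  # inline script: start capturing its raw text
        else:
            u = urlsplit(attrs["src"] or "")
            if u.netloc:  # relative URLs are already covered by 'self'
                self.origins.add(f"{u.scheme}://{u.netloc}" if u.scheme else u.netloc)

    def handle_data(self, data):
        if self._buf is not None:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._buf is not None:
            self.inline.append("".join(self._buf))
            self._buf = None

def csp_hash(source):
    """CSP hash source: base64 SHA-256 of the script text, byte for byte."""
    digest = hashlib.sha256(source.encode("utf-8")).digest()
    return "'sha256-" + base64.b64encode(digest).decode("ascii") + "'"

def build_policies(html):
    """Return (baseline, strict) script-src directives for one HTML document."""
    c = ScriptCollector()
    c.feed(html)
    common = ["'self'", *sorted(c.origins)]
    baseline = ["script-src", *common, "'unsafe-inline'"]
    strict = ["script-src", *common, *sorted({csp_hash(s) for s in c.inline})]
    return " ".join(baseline), " ".join(strict)
```

The hash covers the script text exactly as served, so the second inline script hashes with its surrounding newline and indentation; any reformatting of the page changes the hash and the strict policy must be regenerated.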

Built by Habbi Web Design. Visit the site to learn more about other projects and services.

MIT Licensed · This is an early preview—feedback and ideas are welcome.