Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Setting CSP

See original GitHub issue

Is there a way to set CSP in a similar way to setting CORS, or more generically, is there a way to manually specify a batch of headers to send with each response? Having to actually write a complete Node based server solution just to test that a page works with CSP in place is really silly if http-server would allow that kind of testing with a one line, e.g.

> http-server -p 8000 --cors --csp="default-src 'self'; img-src *; media-src example.com; script-src 'self'"

Issue Analytics

  • State:open
  • Created 3 years ago
  • Reactions:5
  • Comments:5 (1 by maintainers)

github_iconTop GitHub Comments

1reaction
thornjadcommented, Oct 16, 2020

@ronaldohoch go for it! I opted-in this project to Hacktoberfest, so anything you submit will count after the maturity period. The current maintainer team is quite busy with other things, but I’m trying to get things moving again

0reactions
github-actions[bot]commented, Apr 10, 2022

This issue has been inactive for 180 days

Read more comments on GitHub >

github_iconTop Results From Across the Web

Content Security Policy (CSP) - HTTP - MDN Web Docs
Chrome Edge Content‑Security‑Policy Full support. Chrome25. more. Toggle history Full sup... base‑uri Full support. Chrome40. Toggle history Full sup... block‑all‑mixed‑content. Deprecated Full support. ChromeYes. Toggle history...
Read more >
How to Set Up a Content Security Policy (CSP) in 3 Steps
A Content Security Policy (CSP) is a security feature used to help protect websites and web apps from malicious attacks.
Read more >
Content-Security-Policy Header CSP Reference & Examples
Content-Security-Policy is the name of a HTTP response header that modern browsers use to enhance the security of the document (or web page)....
Read more >
What is CSP? Why & How to Add it to Your Website.
Quick Start Guide · Add a strict CSP Header to your site. · Sign up for a free account at Report URI. ·...
Read more >
What is Content Security Policy (CSP) | Header Examples
A Content Protection Policy (CSP) is a security standard that provides an additional layer of protection from cross-site scripting (XSS), clickjacking, ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

The question mark in the proxy example in the doc `-P http://localhost:8080?` is causing issue

Next page

Server Crashing with "Cannot set headers after they are sent to the client"