Developer Tools

Content Security Policy Builder — CSP Header Generator Free

🔒 Runs in your browser

Build a Content Security Policy header by toggling directives and adding allowed domains. Covers default-src, script-src, style-src, img-src, connect-src, font-src, frame-src, and worker-src. Output as a ready-to-use HTTP response header and as an HTML meta tag. Runs in your browser — no data leaves your device.

How to use this tool

  1. Enable the CSP directives you need and configure their source lists.
  2. Add any custom domain sources in the text fields.
  3. Copy the HTTP header value or the meta tag.
default-src
script-src
style-src
img-src
connect-src
font-src
frame-src
worker-src
Content-Security-Policy: default-src 'self'
<meta http-equiv="Content-Security-Policy" content="default-src 'self'">

CSP is generated client-side. Prefer HTTP headers over meta tags for full directive support. Test with report-only mode first.

guide

How to Create a Content Security Policy Online — Free (2026)

Build a CSP header by toggling directives. Output as HTTP header or meta tag. No upload, browser-only.

More free toolsSee all 469
Merge PDFsCompress ImageJSON FormatterPassword GeneratorVAT CalculatorQR Code Generator
Content Security Policy Builder — CSP Header Generator Free | brevio