Yireo CSP Inspector for Magento 2
yireo/magento2-csp-inspector
CLI tool that inspects and reports the Content-Security-Policy headers generated for a given Magento URL and policy, making CSP values easier to review than digging through the browser.
Build Tests
Code Quality
Tested on Magento 2.4.9
Recent Test History
Each release is tested against the latest Magento version at that time.
Top Contributors
View Leaderboard
Share This Module's Status
README
Loaded from GitHubCSP Inspector for Magento 2
Simple CLI tool to inspect the current CSP headers of a specified Magento URL and report back the values - because it is too cumbersome to search for values in the browser.
Please note that this tool does NOT report issues with those CSP headers, it only inspects the currently generated HTTP headers. Use other tools like SanSec Watch or the M.Academy CSP Generator to fix your CSP headers.
Installation
composer require --dev yireo/magento2-csp-inspector
bin/magento module:enable Yireo_CspInspector
Usage
Report all policies and the mode of the homepage:
bin/magento csp:inspect
Report all policies and the mode of the cart-page:
bin/magento csp:inspect checkout/cart
Report all policy values for the policy script-src on the homepage:
bin/magento csp:inspect:policy script-src
This content is fetched directly from the module's GitHub repository. We are not the authors of this content and take no responsibility for its accuracy, completeness, or any consequences arising from its use.