simple-csp

Very simple Content Security Policy manager

Usage

var express = require( 'express' );
var app = express();
var csp = require( "simple-csp" );

var csp_headers = {
    "default-src": ["'self'", "http://example.com"],
    "connect-src": ["'self'", "http://example.com"],
    "img-src": ["'self'", "data:", "http://example.com"]
};

app.use( "/", function ( req, res, done ) {
    csp.header( csp_headers, res );
    done();
} );

// Static files from ./public
app.use( "/", express.static( "./public" ) );

app.listen( 8888 );