CSP Values

Content Security Policy values are the building blocks of your security policy. Understanding the different types of values and how to use them effectively is crucial for implementing a strong CSP.

Value Categories

Keywords

Keywords are special values that define how resources can be loaded and executed in your web application. Learn more about CSP Keywords

Hashes and Nonces

Two powerful mechanisms to allow specific inline scripts and styles while maintaining security. Learn more about CSP Hashes and Nonces

Host Sources

Specify which hosts can serve resources for your web application. Learn more about CSP Host Sources

Scheme Sources

Define which URL schemes can be used to load resources. Learn more about CSP Scheme Sources

Related Resources

External Articles

• MDN Web Docs: Content Security Policy
• OWASP: Content Security Policy Cheat Sheet
• Google Web Fundamentals: Content Security Policy

Related Documentation Sections

• CSP Keywords
• CSP Hashes and Nonces
• CSP Host Sources
• CSP Scheme Sources