CSP Builder
NewBuild a Content-Security-Policy header with a clean UI.
See how it works
Watch a quick simulation of this tool in action — no file needed.
How to use CSP Builder
Follow these steps — everything happens instantly in your browser.
- 1
Step 1. Add or edit directives — default-src, script-src, style-src and more.
- 2
Step 2. Toggle upgrade-insecure-requests and (optionally) report-uri.
- 3
Step 3. Copy either the HTTP header or the meta tag version.
Why use this tool
Private by design
All processing happens locally in your browser. Open DevTools → Network and you'll see zero file uploads. Ever.
Instant
No upload wait, no queue, no server round-trip. Results appear the moment you drop a file.
Free & unlimited
No accounts, no watermarks, no daily caps. Use it as many times as you like, forever.
Works everywhere
Desktop, tablet or phone — every tool is responsive and installable as a PWA for offline use.
Frequently asked questions
Everything you might want to know about csp builder.
HTTP Headers Decoder
Parse and annotate raw HTTP headers — 60+ known headers.
.htaccess Generator
Build Apache .htaccess rules — HTTPS, redirects, caching, more.
nginx Config Generator
Generate nginx server blocks — static, SPA, proxy, PHP-FPM, HTTPS.
Hash Generator
Compute SHA-1, SHA-256 and SHA-512 hashes — locally.