This was written in PHP and intended for PHP projects, but porting it to another language shouldn't be too challenging. (If you like it and want something ported to your favorite language, let me know.)
CSP-Builder allows several use cases:
1. Generating a static CSP header from a static JSON file to store in the webserver configuration (saving developers from having to learn the syntax of the header).
2. Generating a static CSP from a dynamic JSON (allow users to add domains to the whitelist by updating the JSON file).
3. Generating dynamic JSON (e.g. for nonce and hash directives).
If you have to work with PHP projects, definitely consider integrating CSP-Builder into your workflow. We've integrated it with our open source CMS, Airship (and provided a web interface for managing the whitelist).
CSP-Builder allows several use cases:
1. Generating a static CSP header from a static JSON file to store in the webserver configuration (saving developers from having to learn the syntax of the header).
2. Generating a static CSP from a dynamic JSON (allow users to add domains to the whitelist by updating the JSON file).
3. Generating dynamic JSON (e.g. for nonce and hash directives).
There are two branches:
If you have to work with PHP projects, definitely consider integrating CSP-Builder into your workflow. We've integrated it with our open source CMS, Airship (and provided a web interface for managing the whitelist).