Leverages csp-typed-directives to create typed CSP <meta> policies and validated interdependant headers.
e.g. the CSP, CSP Report-Only, Report-To, and Referrer-Policy headers.
Mostly config compatible with csp-html-webpack-plugin
Now looking at making a multi-repo because this is going to require multiple layers of shared functionality and also built to an unplugin
Install the plugin with npm:
$ npm install --save-dev vite-plugin-csp
# Or shorthand
npm i -D vite-plugin-csp- Relative modules are resolved relative to the CWD, not the file
- no SSR support (and thus no nonce support)
- No parsing of JS embeded sources (since that would require framework specific plugins)
- Only
scriptandstylerelated directives are supported (except for the inclusion ofreport-tofor generating headers)