✓ 🍋

Menu

すべてのツールガイド 76 用語集 65 ファイル形式 131 活用事例 302 API

Categories

P pdf I image D document T text D developer C css D design V video A audio Q qr S seo S security S social M math G generator

🍋 peasytools.com

Web

CSP

CSP (Content Security Policy)

A browser security standard that allows website owners to specify which sources of content (scripts, styles, images, fonts) are permitted to load, providing a strong defense against cross-site scripting (XSS) and data injection attacks.

技術的詳細

CSP is delivered via the Content-Security-Policy HTTP header or a tag. Directives include default-src (fallback), script-src (JavaScript sources), style-src (CSS), img-src (images), connect-src (fetch/XHR), font-src, and frame-src. Values can be 'self' (same origin), specific domains, 'unsafe-inline' (not recommended), 'nonce-{random}', or 'sha256-{hash}'. The report-uri/report-to directives send violation reports to a specified endpoint. Strict CSP policies effectively eliminate inline XSS by requiring all scripts to have nonces or hashes.

例

```javascript
// CSP: web API example
const response = await fetch('/api/resource');
const data = await response.json();
console.log(data);
```

関連ツール

H Hash Generator S SERP Preview O OG Tag Debugger H Heading Analyzer P Password Generator K Keyword Density Analyzer R Readability Score U Unix Timestamp Converter X XML Sitemap Generator S Schema.org Generator C Cron Expression Generator L Link Extractor C Canonical Tag Checker C Chmod Calculator R Robots.txt Analyzer S String Escape / Unescape I IP Subnet Calculator S Structured Data Validator C Color Code Converter W Word Count & SEO Grade C CSV ↔ JSON Converter M Meta Length Checker U URL Slug Generator X XML ↔ JSON Converter K Keyword Density Analyzer S SQL Formatter M Markdown Table Generator H HTTP Status Code Reference M Meta Tags Generator R Robots.txt Generator . .gitignore Generator H HTML Formatter C CSS Unit Converter J JSONPath Evaluator T Text Diff Checker D Data URI Converter L Lorem Ipsum Generator P Path Converter . .htaccess Generator . .env Validator P Placeholder Image Generator

関連用語

MIME Type Base64 URL Encoding Data URI CORS Minification Prettify Hash JWT Markdown JSON YAML CSV Regex HTTP/2 HTTP/3 PWA SPA SSR SSG Web Component Fetch API LocalStorage IndexedDB CDN Web Manifest HATEOAS Cache-Control QUIC Lazy Loading Prefetch CSR Hydration ARIA