#security-policy #pretty #printing #line #content #csp #header

app cspretty

A simple Content Security Policy pretty printer and syntax highlighter

4 releases

0.1.3 Apr 9, 2022
0.1.2 Mar 28, 2022
0.1.1 Mar 28, 2022
0.1.0 Mar 24, 2022

#308 in Value formatting

MIT license

10KB
176 lines

CSPretty

A small Rust based Content Security Policy pretty printer.

Installation

cargo install cspretty

Usage

cspretty expects to receive a content-security policy via stdin. The easiest way to use it is to pipe to it directly. You might for example use curl -Is https://www.mozilla.org/en-US/ | grep content-security | cspretty to show a pretty printed version of Mozilla's CSP.

cspretty accepts lines that start with content-security-policy (like curl's headers would) or lines that only contain a CSP. Non matching lines will be ignored.

See this video for an example: asciicast

Functionality

cspretty adds line breaks between the different sources to make it easier to get a quick overview. It also classifies values into four different classes and applies a color to them: red for directives that are generally considered unsafe, green for safe values, black on red for values that could not be parsed and no highlighting for all other values.

Dependencies

~5–16MB
~157K SLoC