All recipes

Recipes

Harden a web response

Build a CSP, check security headers, decode the certificate, and review proxy config.

Step 1 of 4

Build a Content-Security-Policy

Compose a CSP from your real sources; avoid unsafe-inline and unsafe-eval, and review each directive's risk.