Free Online CSP (Content Security Policy) Generator & Parser tool icon
Developer & debug tools

Free Online CSP (Content Security Policy) Generator & Parser

Online Content-Security-Policy (CSP) generator and parser with common directives, security warnings and normalized header output. All processing runs locally in your browser.

Online Content-Security-Policy (CSP) generator and parser with common directives, security warnings and normalized header output. All processing runs locally in your browser.
Directive list
CSP output
Common sources: 'self' / https: / data: / blob: / 'none' / 'unsafe-inline' / 'nonce-...' / 'sha256-...'

How to Use

How to Use

  • Generator Mode: Click 'Add directive' to build a CSP, with common sources supported.
  • Parser Mode: Paste an existing CSP Header to parse and validate it.
  • Click 'Copy CSP' to get the normalized Content-Security-Policy string.
  • You can apply parsed results back to the Generator for editing.

Hints / risks

  • CSP (Content Security Policy) is crucial for preventing XSS attacks.
  • Avoid using 'unsafe-inline' and 'unsafe-eval' whenever possible.
  • This tool runs entirely locally; your CSP config is not uploaded.
P2P File Transfer

P2P File Transfer

WebRTC-based P2P file transfer between browsers, with no relay server and all file data kept local to your devices.

SSL Checker

SSL Checker

Check a site’s HTTP and HTTPS reachability, status codes and redirects via a public proxy to quickly spot HTTPS configuration issues and redirect problems.

MAC Address Generator

MAC Address Generator

Generate MAC addresses locally with batch output, formatting options, optional prefix, and LAA/multicast bit controls. One-click copy.

WebRTC Fingerprint

WebRTC Fingerprint

Calculate DTLS certificate fingerprints from PEM and generate an SDP a=fingerprint line. Supports multiple hash algorithms. Local-only.

WebRTC ICE Debugger

WebRTC ICE Debugger

Parse and visualize WebRTC ICE candidates from SDP with filters and one-click copy. Useful for connectivity troubleshooting.

API tester

API tester

Send HTTP requests with custom methods, headers and body, with all requests running locally in your browser.

HTTP header parser

HTTP header parser

Parse raw HTTP headers into JSON or generate raw headers from JSON, with simple Cookie splitting, all locally in your browser.

Cron expression parser

Cron expression parser

Parse and generate cron expressions with common templates, visual field editing and upcoming run previews. All calculations are performed locally in your browser.

Cron expression generator

Cron expression generator

Visually build cron expressions with presets, validation and next-run preview. All calculations are performed locally in your browser.

AASA Validator

AASA Validator

Validate Apple App Site Association (AASA): check reachability, Content-Type, JSON structure and applinks rules; includes a Universal Links matcher and a troubleshooting guide.

CORS Checker

CORS Checker

Visual helper to analyze CORS preflight and response header configuration.