This Magento 2 module automates the management of CSP whitelists and can dynamically capture CSP violations, add them to a database, and manage inline script CSP via nonce.
04 Mar 2025
Last week, Yireo organized a webinar about CSP & Magento with Ruud van Zuidam and Vinai Kopp. This link holds the recording.
02 Sep 2024
Magento 2 module that solves the problem of oversized CSP headers by splitting them into multiple headers. It extends Magento's CSP Simple Policy Renderer to replace the existing CSP headers, ensuring they remain valid and reducing the likelihood of exceeding the web server's maximum header size.
02 Sep 2024
CSP is a hot topic in the Magento community right now. On August 30th, Yireo organizes a webinar about this subject. Knowing Yireo, this will be good.
For some time now, Magento has been shipping with a CSP module, in general for security reasons but more specifically for PCI compliance. Magento 2.4.7-p1 changed the game and Hyvä is as-of-yet not compatible with these new changes. But there are solutions.
02 Aug 2024
I made this script to help you create Magento's "csp_whitelist.xml" easily.
11 Jul 2024