It's better when it's simple

User Tools

Site Tools


cspheader Plugin

Compatible with DokuWiki

  • 2023-04-04 "Jack Jackrum" probably
  • 2022-07-31 "Igor" probably
  • 2020-07-29 "Hogfather" yes
  • 2018-04-22 "Greebo" yes

plugin Injects the Content Security Policy (CSP) header in DokuWiki pages.

Last updated on

Tagged with header, http, policy, security


Download and install the plugin using the Extension Manager. Refer to Plugins on how to install plugins manually.


Content Security Policy helps preventing cross-site scripting (XSS) attacks. With the CSP header enabled, Firefox won't execute JavaScript code which is embedded in HTML documents. It also denies loading code from external places which are not authorized by the CSP header.

For further information, visit the following pages:

Configuration and Settings

Define your Policy as appropriate via your site's Configuration Manager, under the Cspheader section.

Details for each CSP Directive can be found on MDN Web Docs. A direct link to each Directive's documentation is provided in the config page.


Revision history (Github releases)

Recent commits

Full Git log.

Known Bugs and Issues

Please refer to the plugin's Issue tracker on Github.

ToDo/Wish List

Requests for new features and enhancements should be filed on Github.

History / Credits

This plugin's original version was released in 2011 by Matthias Schulte, a.k.a lupo49. His last recorded maintenance activity on the project was in 2016, after which he stopped responding to submitted issues and pull requests.

In January 2021, Damien Regad decided to take over the plugin's maintenance, and integrate the changes he and Andi Gohr had submitted as pull requests.

plugin/cspheader.txt · Last modified: 2021-01-31 00:16 by dregad

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki