Alternatives and similar repositories for webappsec-csp

Users that are interested in webappsec-csp are comparing it to the libraries listed below

• w3c / webappsec
  Web Application Security Working Group repo
  ☆647Updated 2 weeks ago
• google / csp-evaluator
  ☆374Updated 9 months ago
• w3c / webappsec-fetch-metadata
  Fetch Metadata
  ☆75Updated 8 months ago
• WICG / csp-next
  A Modest Content Security Proposal
  ☆40Updated 4 years ago
• w3c / webappsec-subresource-integrity
  WebAppSec Subresource Integrity
  ☆77Updated 4 months ago
• shapesecurity / salvation
  Parse Content Security Policy headers, warn about policy errors, safely manipulate, render, and optimise policies
  ☆72Updated last week
• w3c / webappsec-permissions-policy
  A mechanism to selectively enable and disable browser features and APIs
  ☆415Updated last month
• WICG / sanitizer-api
  ☆254Updated last week
• mozilla / eslint-plugin-no-unsanitized
  Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
  ☆237Updated 3 months ago
• mozilla / infosec.mozilla.org
  Guidelines, principles published on https://infosec.mozilla.org
  ☆99Updated 4 months ago
• w3c / webappsec-referrer-policy
  WebAppSec Referrer Policy
  ☆27Updated last month
• google / security-crawl-maze
  Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link …
  ☆163Updated last week
• nodejs / security-advisories
  Security advisories for Node.js and the JavaScript ecosystem.
  ☆40Updated 4 years ago
• mikewest / strict-csp-for-everyone
  This is both a terrible and wonderful idea.
  ☆12Updated 6 years ago
• httpwg / http-extensions
  HTTP Extensions in progress
  ☆477Updated this week
• w3ctag / design-reviews
  W3C specs and API reviews
  ☆359Updated 3 weeks ago
• chromium / hstspreload
  🔒🔍 A Go package to scan sites against requirements for Chromium-maintained HSTS preload list.
  ☆121Updated 5 months ago
• w3c / webappsec-secure-contexts
  WebAppSec Secure Contexts
  ☆37Updated 9 months ago
• mikewest / deprecating-document-domain
  `document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?
  ☆17Updated 2 years ago
• whatwg / storage
  Storage Standard
  ☆139Updated 3 months ago
• mozilla / observatory-cli
  ☆192Updated last year
• WICG / client-hints-infrastructure
  Specification for the Client Hints infrastructure - privacy preserving proactive content negotiation
  ☆62Updated last year
• chromium / trickuri
  ☆144Updated 2 years ago
• tc39 / security
  Discussion area for security aspects of ECMAScript
  ☆64Updated 7 years ago
• WICG / document-policy
  ☆23Updated 3 years ago
• google / safe-html-types
  Security contract types
  ☆60Updated 3 years ago
• mozilla / http-observatory-website
  Mozilla Observatory (Website)
  ☆310Updated last year
• sbingler / schemeful-same-site
  Explainer for Schemeful Same-Site
  ☆15Updated 5 years ago
• w3c / network-error-logging
  Network Error Logging
  ☆89Updated 7 months ago
• privacycg / CHIPS
  A proposal for a cookie attribute to partition cross-site cookies by top-level site
  ☆166Updated last month