README.md

ContentSecurityPolicy

Lifecycle: experimental

The goal of ContentSecurityPolicy is to provide a DSL and helper functions for defining Content Security Policies to make your web apps more secure.

Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to distribution of malware.

WORK IN PROGRESS - DO NOT USE IN PRODUCTION

Feedback and contributors welcome!

Installation

You can install the released version of ContentSecurityPolicy from CRAN with:

# Released version from CRAN
install.packages("ContentSecurityPolicy")
# Or install from GitHub (requires the remotes package)
remotes::install_github("dirkschumacher/ContentSecurityPolicy")

Example

Take a look at the example shiny app in the inst/examples directory.

library(ContentSecurityPolicy)

csp <- content_security_policy(
    default_src(self),
    script_src(self, unsafe_inline),
    style_src(self, unsafe_inline),
    img_src(self, "data:")
)

print(as_shiny_meta_tag(csp))
#> <meta http-equiv="Content-Security-Policy" content="default-src &#39;self&#39;; script-src &#39;self&#39; &#39;unsafe-inline&#39;; style-src &#39;self&#39; &#39;unsafe-inline&#39;; img-src &#39;self&#39; data:;"/>
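
The policy above allows 'unsafe-inline' in script-src, the setting that removes most of CSP's protection against injected inline script. As an added example (not part of the package or its README), the following base R code parses a serialized policy and reports that and related weaknesses, including directives that browsers ignore when the policy is delivered in a meta tag. parse_csp() and audit_csp() are hypothetical helper names, and the second policy is constructed for comparison.

```r
# Added example, base R only. parse_csp() and audit_csp() are hypothetical
# helpers, not functions exported by the ContentSecurityPolicy package.

# Split a serialized policy into a named list: directive -> source expressions.
parse_csp <- function(policy) {
  parts <- trimws(strsplit(policy, ";", fixed = TRUE)[[1]])
  directives <- list()
  for (tok in strsplit(parts[nzchar(parts)], "[[:space:]]+")) {
    name <- tolower(tok[1])
    # A repeated directive is ignored by browsers, so keep the first one only.
    if (is.null(directives[[name]])) directives[[name]] <- tok[-1]
  }
  directives
}

# Return a character vector of findings; empty means nothing was flagged.
audit_csp <- function(policy, via_meta = TRUE) {
  d <- parse_csp(policy)
  findings <- character(0)
  # script-src falls back to default-src when it is not set.
  script <- d[["script-src"]]
  if (is.null(script)) script <- d[["default-src"]]
  if (is.null(script)) {
    findings <- c(findings, "no script-src or default-src: script loading is unrestricted")
  } else {
    script <- tolower(script)  # keywords and schemes match case-insensitively
    # Browsers ignore 'unsafe-inline' once a nonce or hash source is present.
    pinned <- any(grepl("^'(nonce|sha256|sha384|sha512)-", script))
    if ("'unsafe-inline'" %in% script && !pinned)
      findings <- c(findings, "script-src: 'unsafe-inline' lets injected inline script run")
    if ("'unsafe-eval'" %in% script)
      findings <- c(findings, "script-src: 'unsafe-eval' permits eval()-style execution")
    if (any(script %in% c("*", "data:", "http:", "https:")))
      findings <- c(findings, "script-src: wildcard or scheme-only source")
  }
  # These directives are not honoured in a policy delivered via <meta>.
  if (via_meta) {
    for (name in intersect(names(d), c("frame-ancestors", "report-uri", "sandbox")))
      findings <- c(findings, paste0(name, ": ignored when delivered via <meta>"))
  }
  findings
}

# Policy string from the README output above, with &#39; decoded to '.
readme_policy <- paste0("default-src 'self'; script-src 'self' 'unsafe-inline'; ",
                        "style-src 'self' 'unsafe-inline'; img-src 'self' data:;")
# Constructed variant: no inline script, plus a directive that <meta> ignores.
strict_policy <- "default-src 'self'; img-src 'self' data:; frame-ancestors 'none'"
print(audit_csp(readme_policy))
print(audit_csp(strict_policy))
```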


dirkschumacher/ContentSecurityPolicy documentation built on Jan. 1, 2020, 12:54 a.m.