Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

A CSP Validation Plugin for Sublime Text 2

branch: master
README.md

CSP Validator

image

This is a Sublime Text 2 plugin that checks your JavaScript, HTML and CSS for potential Content Security Policy issues. If you're new to Content Security Policy there is, in fact, an HTML5 Rocks article for that!

Right now the plugin checks for:

  • Inline scripts
  • Images and scripts with src attributes with http(s) protocols
  • Use of eval or new Function
  • setTimeout with a string param (this is only explicit usage of a string, not if it's passed as a variable)
  • Attempting to load resources in CSS with http(s) protocols

Installation

Right now you need to clone this repo into your packages folder (typically ~/Library/Application Support/Sublime Text 2/Packages).

cd ~/Library/Application\ Support/Sublime\ Text\ 2/Packages
git clone git://github.com/paullewis/CSP-Validator.git

Or on Windows:

cd c:\users\YOUR_ACCOUNT\AppData\Roaming\Sublime Text 2\Packages
git clone git://github.com/paullewis/CSP-Validator.git

Please note: this is only an alpha release. Once all the issues are ironed out I'll request to be added to Package Control.

Usage

Just code away and all being well you will receive warnings as the plugin finds them. If for any reason you want to disable the warnings you can use Ctrl + Option + Shift + C (or Alt on PC instead of Option) to disable the plugin.

Something went wrong with that request. Please try again.