Title: Content Security Policy Manager Author: Patrick Sletvold Published: 21 يوليو، 2020 Last modified: 9 أغسطس، 2022 --- البحث عن الإضافات هذه الإضافة **لم يتم تحديثها وتجربتها لأكثر من 3 إصدارات ووردبريس رئيسية**. قد لا تكون خاضعة للصيانة أو تقدم الدعم والمساعدة بالوقت الحالي وقد تكون بها مشاكل في التوافق عند إستخدامها مع إصدارات حديثة من ووردبريس. ![](https://s.w.org/plugins/geopattern-icon/csp-manager.svg) # Content Security Policy Manager بواسطة [Patrick Sletvold](https://profiles.wordpress.org/16patsle/) [تنزيل](https://downloads.wordpress.org/plugin/csp-manager.1.2.1.zip) * [تفاصيل](https://ar.wordpress.org/plugins/csp-manager/#description) * [المراجعات](https://ar.wordpress.org/plugins/csp-manager/#reviews) * [التطوير](https://ar.wordpress.org/plugins/csp-manager/#developers) [الدعم](https://wordpress.org/support/plugin/csp-manager/) ## الوصف **Content Security Policy Manager** is a WordPress plugin that allows you to easily configure [Content Security Policy headers](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) for your site. You can have different CSP headers for the admin interface, the frontend for logged in users, and the frontend for regular visitors. The CSP directives can be individually enabled, and each policy can be set to enforce, report or be disabled. Please note that this plugin offers limited help in figuring out what the contents of the policy should be. It only lets you configure the CSP in a easy to use interface. ## الأسئلة المتكررّة ### What is a Content Security Policy? To quote MDN: > Content Security Policy (CSP) is an added layer of security that helps to detect > and mitigate certain types of attacks, including Cross Site Scripting (XSS) and > data injection attacks. These attacks are used for everything from data theft > to site defacement to distribution of malware. > To enable CSP, you need to configure your web server to return the Content-Security- > Policy HTTP header. ### How do I enable reporting? Reporting can be enabled by setting the report-uri and/or report-to directives. You will need the URL to a server that can handle these kinds of reports, which there are several of. [Report URI](https://report-uri.com/) is one example of such a service, they have a free tier that allows up to 10 000 reports per month (any more than that is just ignored, no extra cost). They also have a CSP wizard that can help you construct your policy. Reporting can be enabled both in report only mode and in enforce mode. You can use report-only mode to evaluate the contents of the policy by looking at which resources are reported as blocked. ## المراجعات ![](https://secure.gravatar.com/avatar/a6ae1eb28cec727feb2e8de616c2ef982f88388d9abe21ccc7e8db93682b285b? s=60&d=retro&r=g) ### 󠀁[Report To not working](https://wordpress.org/support/topic/report-to-not-working/)󠁿 [ningmorris](https://profiles.wordpress.org/ningmorris/) 13 يوليو، 2023 Hello, Since report-uri is no longer recommended anymore, I need to use report-to to send CSP reports. But for reason, it doesn’t send reports with report-to. My CSP settings are as follows: In Policy: report-to filed, I filled in csp-endpoint, in Frontend Policy Report-To Header field, I filled in the following JSON data {“ group”: “csp-endpoint”, “max_age”: 10886400, “endpoints”: [ { “url”: “{CSP REPORT ENDPOINT}” } ] } After saving changes in the CMS, all the commas disappeared in Frontend Policy Report-To Header field. { “group”: “csp-endpoint” “max_age”: 10886400“ endpoints”: [ { “url”: “{CSP REPORT ENDPOINT}” } ] } I am wondering if you can help to take a look at it, thanks! Note: I have no problem with report-uri. ![](https://secure.gravatar.com/avatar/7661642e7f2ec5a348fffa107b167c46445c206822a8699cbddb40e857f68d0a? s=60&d=retro&r=g) ### 󠀁[kills all CSS styles](https://wordpress.org/support/topic/kills-all-css-styles/)󠁿 [rintelengrafik](https://profiles.wordpress.org/rintelengrafik/) 18 فبراير، 2023 As soon as I leave the backend the view of my side is without any CSS. Only the plain HTML. ![](https://secure.gravatar.com/avatar/8a678a70061d4e07b7234182bcc79598fe06a0516f01d64e90597c19f503061b? s=60&d=retro&r=g) ### 󠀁[Very helpful and useful plugin. do you provide filters ?](https://wordpress.org/support/topic/very-helpful-and-useful-plugin-do-you-provide-filters/)󠁿 [buzibuzi](https://profiles.wordpress.org/buzibuzi/) 25 يناير، 2023 We are really happy with this plugin.im wondering if you provide a filter so i can merge some dynamic ‘nonce-xx’ to the policy header. this could be very very useful. ![](https://secure.gravatar.com/avatar/e371a5ff70982d6817347632f03e88b34e534d4fd2e76a1f841db07c28178365? s=60&d=retro&r=g) ### 󠀁[I like all the options for logged-in versus anonymous and report-only](https://wordpress.org/support/topic/i-like-all-the-options-for-logged-in-versus-anonymous-and-report-only/)󠁿 [Jason Robinson](https://profiles.wordpress.org/jsrobinson/) 10 أبريل، 2022 This plugin is well thought out and does what I need it to. It has also helped me troubleshoot other website’s CSP that wasn’t working correctly, and the documentation is solid if brief. ![](https://secure.gravatar.com/avatar/1e271d290377997c8dcb90ca03a711894c2401648ce1b903248062dc144e4aa5? s=60&d=retro&r=g) ### 󠀁[Extraordinaire !](https://wordpress.org/support/topic/extraordinaire-4/)󠁿 [jeebeezebee](https://profiles.wordpress.org/jeebeezebee/) 1 نوفمبر، 2021 Ce plugin m;a fait gagner des heures de travail. ![](https://secure.gravatar.com/avatar/a5997a96f2b037d2a14c8f6f0a8902af691711249b09fb23209ad4869395baec? s=60&d=retro&r=g) ### 󠀁[Great plugin to manage CSP](https://wordpress.org/support/topic/great-plugin-to-manage-csp/)󠁿 [c3idesign](https://profiles.wordpress.org/c3idesign/) 14 مايو، 2021 Great plugin, thank you. [ إقرأ جميع المراجعات 5 ](https://wordpress.org/support/plugin/csp-manager/reviews/) ## المساهمون والمطوّرون “Content Security Policy Manager” هو برنامج مفتوح المصدر. وقد ساهم هؤلاء الأشخاص بالأسفل في هذه الإضافة. المساهمون * [ Patrick Sletvold ](https://profiles.wordpress.org/16patsle/) لقد تم ترجمة ”Content Security Policy Manager“ إلى لغة واحدة. شكراً إلى جميع [المُترجمين](https://translate.wordpress.org/projects/wp-plugins/csp-manager/contributors) لمُساهماتهم. [ترجمة ”Content Security Policy Manager“ إلى لغتك.](https://translate.wordpress.org/projects/wp-plugins/csp-manager) ### مُهتم بالتطوير؟ [تصفّح الشفرة](https://plugins.trac.wordpress.org/browser/csp-manager/)، تحقق من [مستودع SVN](https://plugins.svn.wordpress.org/csp-manager/)، أو الاشتراك في [سجل التطوير](https://plugins.trac.wordpress.org/log/csp-manager/) بواسطة [RSS](https://plugins.trac.wordpress.org/log/csp-manager/?limit=100&mode=stop_on_copy&format=rss). ## سجل التغييرات This plugin’s development happens in [its GitHub repo](https://github.com/16patsle/wordpress-csp-manager). Feel free to send bug reports there. ### 1.2.1 * Fix error caused by improperly checking the chosen CSP mode when outputting headers( thanks @reatlat). ### 1.2.0 * Improved UI, with CSP directives divided into collapsible categories. * Add all remaining non-deprecated CSP directives. * Warn if enabling upgrade-insecure-requests on a site that does not support HTTPS. * Sanitize directives on save and disallow newlines in header content. * Various internal improvements. ### 1.1.0 This is a relatively small update, that only contains a few more CSP directives. The next update will contain even more, along with an updated user interface. * Add some commonly used CSP headers that were missing (thanks Master Dan). * Add some other user requested directives. * Fix some translator comments. ### 1.0.0 First version. * Support for different policies for admin, logged-in frontend and regular visitors. * Different policies can have different reporting/enforcing mode. * Directives can be configured separately, to easier see what is allowed in which cases. * Support for configuring the Report-To header. ## ميتا Meta * Version **1.2.1** * Last updated **قبل 4 سنوات** * Active installations **2٬000+** * WordPress version ** 4.6 أو أعلى ** * Tested up to **6.1.10** * PHP version ** 7.2 أو أعلى ** * Languages * [English (US)](https://wordpress.org/plugins/csp-manager/) و [Norwegian (Bokmål)](https://nb.wordpress.org/plugins/csp-manager/). * [ترجمة إلى لغتك](https://translate.wordpress.org/projects/wp-plugins/csp-manager) * Tags * [content security policy](https://ar.wordpress.org/plugins/tags/content-security-policy/) [csp](https://ar.wordpress.org/plugins/tags/csp/)[security](https://ar.wordpress.org/plugins/tags/security/) [Security Headers](https://ar.wordpress.org/plugins/tags/security-headers/)[xss](https://ar.wordpress.org/plugins/tags/xss/) * [عرض متقدم](https://ar.wordpress.org/plugins/csp-manager/advanced/) ## التقييم 4.3 من 5 نجوم. * [ 5 5-star reviews ](https://wordpress.org/support/plugin/csp-manager/reviews/?filter=5) * [ 0 4-star reviews ](https://wordpress.org/support/plugin/csp-manager/reviews/?filter=4) * [ 0 3-star reviews ](https://wordpress.org/support/plugin/csp-manager/reviews/?filter=3) * [ 0 2-star reviews ](https://wordpress.org/support/plugin/csp-manager/reviews/?filter=2) * [ 1 1-star review ](https://wordpress.org/support/plugin/csp-manager/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/csp-manager/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/csp-manager/reviews/) ## المساهمون * [ Patrick Sletvold ](https://profiles.wordpress.org/16patsle/) ## الدعم لديك شيء لتقوله؟ بحاجة الى مساعدة؟ [عرض منتدى الدعم](https://wordpress.org/support/plugin/csp-manager/)