itzbund/gsb-csp

GSB csp. This is Part of the Goverment Site Build (GSB) 11. Der GSB 11 ist eine Maßnahme der Dienstekonsolidierung Bund (DKB) des Bundesministeriums des Innern und für Heimat (BMI) und wird im Auftrag des Informationstechnikzentrums Bund (ITZBund) durchgeführt.

v1.5.0 2025-07-15 09:22 UTC

README

TYPO3 12

GSB 11 Extension gsb_csp

About

The extension gsb_csp automatically adds integrity attributes to all local CSS/Javascript resources, and adds provides a restrictive set of CSP headers.

It provides a backend module to see applied csp solutions.

Learn more about the GSB 11.

Installation

The best way to install this extension is to start with the GSB Sitepackage Kickstarter extension.

Quick installation without GSB Sitepackage Kickstarter

In a composer-based TYPO3 installation you can install the extension EXT:gsb_csp via composer:

composer config -g gitlab-domains gitlab.opencode.de && \
composer config -g repositories.gsb-csp vcs https://gitlab.opencode.de/bmi/government-site-builder-11/extensions/gsb_csp.git
composer require itzbund/gsb-csp

In TYPO3 installations above version 11.5 the extension will be automatically installed. You do not have to activate it manually.

Configuration

If you want to enabe the functionality of this extension, you have to enable the feature flag

gsb_csp.security.frontend.enforceHashbasedContentSecurityPolicy

and the TYPO3 core feature flag

security.frontend.enforceHashbasedContentSecurityPolicy

Usage

Nothing to do.

Contribute

As with TYPO3, we encourage you to join the project by submitting changes. Development of the GSB 11 happens mainly in the GSB 11 TYPO3 extension repositories.

To get started, have a look at our detailed contribution walkthrough.