itzbund / gsb-csp
GSB csp. This is Part of the Goverment Site Build (GSB) 11. Der GSB 11 ist eine Maßnahme der Dienstekonsolidierung Bund (DKB) des Bundesministeriums des Innern und für Heimat (BMI) und wird im Auftrag des Informationstechnikzentrums Bund (ITZBund) durchgeführt.
Requires
- php: ^8.2
- cweagans/composer-patches: ^1.7
- typo3/cms-core: ^12.4.23
- typo3/cms-frontend: ^12.4.23
Requires (Dev)
- captainhook/captainhook-phar: ^5.21
- codeception/codeception: *
- codeception/module-asserts: *
- codeception/module-db: *
- doctrine/dbal: ^3.3 || ^4.0
- ergebnis/composer-normalize: ^2.28
- friendsofphp/php-cs-fixer: ^3.14
- helmich/typo3-typoscript-lint: 3.3.0
- itzbund/captainhook-hooks: ^1.0
- michielroos/typo3scan: ^1.7
- mockery/mockery: ^1.6
- php-coveralls/php-coveralls: ^2.5
- phpmd/phpmd: ^2.13
- phpstan/extension-installer: ^1.2
- phpstan/phpstan: ^1.10
- phpstan/phpstan-phpunit: ^1.3
- phpstan/phpstan-strict-rules: ^1.5
- phpunit/phpunit: ^10.0 || ^11.0
- ramsey/conventional-commits: ^1.5
- saschaegerer/phpstan-typo3: ^1.8
- sbuerk/typo3-cmscomposerinstallers-testingframework-bridge: ^0.1.2
- seld/jsonlint: ^1.9
- squizlabs/php_codesniffer: ^3.7
- ssch/typo3-rector: ^1.1 || ^2.0
- symfony/yaml: ^6.1 || ^7.0
- typo3/coding-standards: ^0.7 || ^0.8
- typo3/testing-framework: ^8.1
- dev-main / 1.x-dev
- v1.5.0
- v1.5.0-rc.2
- v1.5.0-rc.1
- v1.4.7
- v1.4.7-rc.2
- v1.4.7-rc.1
- v1.4.6
- v1.4.5
- v1.4.5-rc.1
- v1.4.4
- v1.4.3
- v1.4.2
- v1.4.1
- v1.4.0
- v1.4.0-rc.2
- v1.4.0-rc.1
- v1.3.4
- v1.3.3
- v1.3.2
- v1.3.2-rc.1
- v1.3.1
- v1.3.1-rc.3
- v1.3.1-rc.2
- v1.3.1-rc.1
- v1.3.0
- v1.3.0-rc.1
- v1.2.0
- v1.2.0-rc.1
- v1.1.1
- v1.1.1-rc.1
- v1.1.0
- v1.1.0-rc.2
- v1.1.0-rc.1
- v1.0.11-rc.1
- v1.0.10
- v1.0.10-rc.1
- v1.0.9
- v1.0.8
- v1.0.8-rc.1
- v1.0.7
- v1.0.6
- v1.0.6-rc.1
- v1.0.5
- v1.0.5-rc.1
- v1.0.4
- v1.0.4-rc.4
- v1.0.4-rc.3
- v1.0.4-rc.2
- v1.0.4-rc.1
- v1.0.3
- v1.0.3-rc.2
- v1.0.3-rc.1
- v1.0.2
- v1.0.2-rc.1
- v1.0.1
- v1.0.1-rc.1
- v1.0.0
- v1.0.0-rc.3
- v1.0.0-rc.2
- v1.0.0-rc.1
- dev-release
- dev-t3v13
This package is auto-updated.
Last update: 2025-07-21 07:49:24 UTC
README
GSB 11 Extension gsb_csp
About
The extension gsb_csp automatically adds integrity attributes to all local CSS/Javascript resources, and adds provides a restrictive set of CSP headers.
It provides a backend module to see applied csp solutions.
Installation
The best way to install this extension is to start with the GSB Sitepackage Kickstarter extension.
Quick installation without GSB Sitepackage Kickstarter
In a composer-based TYPO3 installation you can install the extension EXT:gsb_csp via composer:
composer config -g gitlab-domains gitlab.opencode.de && \
composer config -g repositories.gsb-csp vcs https://gitlab.opencode.de/bmi/government-site-builder-11/extensions/gsb_csp.git
composer require itzbund/gsb-csp
In TYPO3 installations above version 11.5 the extension will be automatically installed. You do not have to activate it manually.
Configuration
If you want to enabe the functionality of this extension, you have to enable the feature flag
gsb_csp.security.frontend.enforceHashbasedContentSecurityPolicy
and the TYPO3 core feature flag
security.frontend.enforceHashbasedContentSecurityPolicy
Usage
Nothing to do.
Contribute
As with TYPO3, we encourage you to join the project by submitting changes. Development of the GSB 11 happens mainly in the GSB 11 TYPO3 extension repositories.
To get started, have a look at our detailed contribution walkthrough.