cosepo

A module for parsing, mutating, and serializing Content-Security-Policy directives.

Installation

gleam add cosepo

Usage

import cosepo
import cosepo/directive

pub fn main() {
  cosepo.parse("default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'")
  // -> Ok(ContentSecurityPolicy([
  //   Directive("default-src", ["https:", "'unsafe-eval'", "'unsafe-inline'"]),
  //   Directive("object-src", ["'none'"])])
  // )

  let assert Ok(directive1) = directive.new_directive("default-src", ["'none'"])
  let assert Ok(directive2) = directive.new_directive("script-src", ["https://example.com"])
  cosepo.serialize(ContentSecurityPolicy([directive1, directive2]))
  // -> "default-src 'none'; script-src https://example.com;"

  directive.new_directive("an-invalid-directive", [])
  // -> Error("an-invalid-directive is not a valid directive name")
}

Further documentation can be found at https://hexdocs.pm/cosepo.

Development

gleam test  # Run the tests