| CARVIEW |
Select Language
HTTP/2 200
date: Sun, 18 Jan 2026 20:48:38 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
set-cookie: exp_csrf_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=Lax
set-cookie: exp_csrf_token=3dfc2a756ab0681931c3f230c5815fb89f8cb3f5; expires=Sun, 18-Jan-2026 22:48:38 GMT; Max-Age=7200; path=/; secure; HttpOnly; SameSite=Lax
set-cookie: PHPSESSID=54uvrmi0sm1qn7adqffo8v2u30; path=/; secure; HttpOnly
cache-control: no-store, no-cache, must-revalidate
x-frame-options: SAMEORIGIN
x-frame-options: SAMEORIGIN
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 18 Jan 2026 20:48:38 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4CGDtykPVV0XAG%2F%2BCgRGGl3KAU%2BRP3cZa83OGsQHdd1A9Gzqk7kLOrCqLCZ4jHilohlreItZNaT6qHQa489RoHI03qLILaclHkq8arvrUBvZJ2%2F%2B"}]}
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: gzip
cf-ray: 9c00f44bcc4d3a5b-BOM
alt-svc: h3=":443"; ma=86400
Hop CSP Header | Add-ons | ExpressionEngine
Description
Manage, serve, and log Content Security Policy headers with delightful ease
Hop CSP Header automatically generates and manages your site’s Content Security Policy (CSP) header.
If JavaScript or stylesheets from external servers have failed to load on your site, you might have already encountered a Content Security Policy issue.
By having the proper CSP directives in place, including a dynamic nonce, your site blocks cross-site scripting security attacks and ensures safe browsing for your users.
Privacy
Terms
Trademark Use
License
Packet Tide owns and develops ExpressionEngine. © Packet Tide, All Rights Reserved.