From 454709f7e84b1ee7c1880c5c7a25b4baff1ac199 Mon Sep 17 00:00:00 2001
From: Giacomo Debidda <giacomo@giacomodebidda.com>
Date: Wed, 28 Sep 2022 18:00:52 +0200
Subject: [PATCH 01/15] feat(content-security-policy): add package

---
 .github/workflows/ci.yaml                     |    3 +
 assets/html-pages/404.html                    |   60 +
 assets/html-pages/about/index.html            |   73 +
 assets/html-pages/index.html                  |   69 +
 config/jest.cjs                               |    1 +
 custom-types/himalaya/index.d.ts              |   16 +
 docs/content-security-policy/.nojekyll        |    1 +
 .../assets/highlight.css                      |   29 +
 docs/content-security-policy/assets/main.js   |   54 +
 docs/content-security-policy/assets/search.js |    1 +
 docs/content-security-policy/assets/style.css | 1225 +++++++++++++++++
 .../assets/widgets.png                        |  Bin 0 -> 480 bytes
 .../assets/widgets@2x.png                     |  Bin 0 -> 855 bytes
 .../functions/cspDirectives.html              |   59 +
 .../functions/cspHeader.html                  |   59 +
 .../functions/cspJSON.html                    |   59 +
 docs/content-security-policy/index.html       |   74 +
 .../interfaces/Config.html                    |   72 +
 .../interfaces/Directives.html                |   56 +
 docs/content-security-policy/modules.html     |   66 +
 .../variables/recommended_policy.html         |   94 ++
 .../variables/starter_policy.html             |   70 +
 package-lock.json                             |  759 +---------
 .../.ae/content-security-policy.api.md        |   62 +
 packages/content-security-policy/LICENSE      |   21 +
 packages/content-security-policy/README.md    |   26 +
 .../__tests__/constants.mjs                   |   40 +
 .../__tests__/csp-directives.test.mjs         |   39 +
 .../__tests__/errors.test.mjs                 |   55 +
 .../__tests__/hash.test.mjs                   |   39 +
 .../__tests__/html-parser.test.mjs            |   42 +
 .../__tests__/schemas.test.mjs                |   54 +
 .../__tests__/source-values.test.mjs          |   85 ++
 .../__tests__/utils.test.mjs                  |   21 +
 ...ntent-security-policy.config.directives.md |   11 +
 .../content-security-policy.config.md         |   20 +
 ...content-security-policy.config.patterns.md |   11 +
 .../content-security-policy.cspdirectives.md  |   12 +
 .../content-security-policy.cspheader.md      |   12 +
 .../content-security-policy.cspjson.md        |   12 +
 .../content-security-policy.directives.md     |   12 +
 .../api-docs/content-security-policy.md       |   25 +
 ...tent-security-policy.recommended_policy.md |   29 +
 .../content-security-policy.starter_policy.md |   21 +
 .../content-security-policy/api-docs/index.md |   12 +
 .../api-extractor.json                        |    3 +
 packages/content-security-policy/package.json |   67 +
 .../release.config.cjs                        |   27 +
 .../src/csp-directives.ts                     |  129 ++
 .../content-security-policy/src/directives.ts |   92 ++
 .../content-security-policy/src/errors.ts     |   67 +
 packages/content-security-policy/src/hash.ts  |  148 ++
 .../src/html-parser.ts                        |  103 ++
 packages/content-security-policy/src/index.ts |    9 +
 .../content-security-policy/src/policies.ts   |   38 +
 .../content-security-policy/src/schemas.ts    |  169 +++
 .../src/source-values.ts                      |  154 +++
 packages/content-security-policy/src/utils.ts |   95 ++
 .../content-security-policy/tsconfig.json     |    8 +
 tsconfig.json                                 |    3 +
 60 files changed, 3981 insertions(+), 692 deletions(-)
 create mode 100644 assets/html-pages/404.html
 create mode 100644 assets/html-pages/about/index.html
 create mode 100644 assets/html-pages/index.html
 create mode 100644 custom-types/himalaya/index.d.ts
 create mode 100644 docs/content-security-policy/.nojekyll
 create mode 100644 docs/content-security-policy/assets/highlight.css
 create mode 100644 docs/content-security-policy/assets/main.js
 create mode 100644 docs/content-security-policy/assets/search.js
 create mode 100644 docs/content-security-policy/assets/style.css
 create mode 100644 docs/content-security-policy/assets/widgets.png
 create mode 100644 docs/content-security-policy/assets/widgets@2x.png
 create mode 100644 docs/content-security-policy/functions/cspDirectives.html
 create mode 100644 docs/content-security-policy/functions/cspHeader.html
 create mode 100644 docs/content-security-policy/functions/cspJSON.html
 create mode 100644 docs/content-security-policy/index.html
 create mode 100644 docs/content-security-policy/interfaces/Config.html
 create mode 100644 docs/content-security-policy/interfaces/Directives.html
 create mode 100644 docs/content-security-policy/modules.html
 create mode 100644 docs/content-security-policy/variables/recommended_policy.html
 create mode 100644 docs/content-security-policy/variables/starter_policy.html
 create mode 100644 packages/content-security-policy/.ae/content-security-policy.api.md
 create mode 100644 packages/content-security-policy/LICENSE
 create mode 100644 packages/content-security-policy/README.md
 create mode 100644 packages/content-security-policy/__tests__/constants.mjs
 create mode 100644 packages/content-security-policy/__tests__/csp-directives.test.mjs
 create mode 100644 packages/content-security-policy/__tests__/errors.test.mjs
 create mode 100644 packages/content-security-policy/__tests__/hash.test.mjs
 create mode 100644 packages/content-security-policy/__tests__/html-parser.test.mjs
 create mode 100644 packages/content-security-policy/__tests__/schemas.test.mjs
 create mode 100644 packages/content-security-policy/__tests__/source-values.test.mjs
 create mode 100644 packages/content-security-policy/__tests__/utils.test.mjs
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.config.directives.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.config.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.config.patterns.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.cspdirectives.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.cspheader.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.cspjson.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.directives.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.recommended_policy.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.starter_policy.md
 create mode 100644 packages/content-security-policy/api-docs/index.md
 create mode 100644 packages/content-security-policy/api-extractor.json
 create mode 100644 packages/content-security-policy/package.json
 create mode 100644 packages/content-security-policy/release.config.cjs
 create mode 100644 packages/content-security-policy/src/csp-directives.ts
 create mode 100644 packages/content-security-policy/src/directives.ts
 create mode 100644 packages/content-security-policy/src/errors.ts
 create mode 100644 packages/content-security-policy/src/hash.ts
 create mode 100644 packages/content-security-policy/src/html-parser.ts
 create mode 100644 packages/content-security-policy/src/index.ts
 create mode 100644 packages/content-security-policy/src/policies.ts
 create mode 100644 packages/content-security-policy/src/schemas.ts
 create mode 100644 packages/content-security-policy/src/source-values.ts
 create mode 100644 packages/content-security-policy/src/utils.ts
 create mode 100644 packages/content-security-policy/tsconfig.json

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index cf61f3ff..82f7f1ef 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -59,6 +59,9 @@ jobs:
       - name: 🔍 Test @jackdbd/cloud-tasks-utils
         run: npm run test:ci -w packages/cloud-tasks-utils
 
+      - name: 🔍 Test @jackdbd/content-security-policy
+        run: npm run test:ci -w packages/content-security-policy
+
       - name: 🔍 Test @jackdbd/firestore-utils
         env:
           SA_FIRESTORE_USER_TEST: ${{ secrets.SA_FIRESTORE_USER_TEST }}
diff --git a/assets/html-pages/404.html b/assets/html-pages/404.html
new file mode 100644
index 00000000..a35765a2
--- /dev/null
+++ b/assets/html-pages/404.html
@@ -0,0 +1,60 @@
+<!doctype html><html lang="en" data-theme="default"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="description" content="Giacomo Debidda&#39;s personal website and blog"><title>Oops! Not Found (404)</title><link rel="preconnect" href="https://plausible.io" crossorigin=""><link rel="dns-prefetch" href="https://plausible.io"><link rel="preconnect" href="https://res.cloudinary.com" crossorigin=""><link rel="dns-prefetch" href="https://res.cloudinary.com"><meta property="og:title" content="Oops! Not Found (404)"><meta property="og:type" content="website"><meta property="og:image" content="https://res.cloudinary.com/jackdbd/image/upload/v1599389496/profile-pic_k8mn6r.jpg"><meta property="og:image:alt" content="Giacomo Debidda&#39;s personal website and blog"><meta property="og:url" content="
+    https://www.giacomodebidda.com/404.html
+  "><meta property="og:description" content="Giacomo Debidda&#39;s personal website and blog"><meta property="og:locale" content="en_US"><meta name="twitter:card" content="summary"><meta name="twitter:site" content="@jackdbd"><meta name="twitter:title" content="Oops! Not Found (404)"><meta name="twitter:description" content="Giacomo Debidda&#39;s personal website and blog"><meta name="twitter:image" content="https://res.cloudinary.com/jackdbd/image/upload/v1599389496/profile-pic_k8mn6r.jpg"><meta name="twitter:image:alt" content="Giacomo Debidda&#39;s personal website and blog"><meta name="theme-color" content="#c80815"><link rel="shortcut icon" href="/assets/img/favicon/favicon.ico"><link rel="apple-touch-icon" sizes="180x180" href="/assets/img/favicon/apple-touch-icon.png"><link rel="icon" type="image/png" sizes="32x32" href="/assets/img/favicon/favicon-32x32.png"><link rel="icon" type="image/png" sizes="16x16" href="/assets/img/favicon/favicon-16x16.png"><link rel="manifest" href="/manifest.webmanifest"><style>:root{--scale-step--2:clamp(0.7rem, 0.72rem + -0.07vw, 0.67rem);--scale-step--1:clamp(0.94rem, 0.91rem + 0.12vw, 1rem);--scale-step-0:clamp(1.25rem, 1.15rem + 0.49vw, 1.5rem);--scale-step-1:clamp(1.67rem, 1.44rem + 1.14vw, 2.25rem);--scale-step-2:clamp(2.22rem, 1.77rem + 2.25vw, 3.38rem);--scale-step-3:clamp(2.96rem, 2.14rem + 4.1vw, 5.06rem);--scale-step-4:clamp(3.95rem, 2.52rem + 7.12vw, 7.59rem);--fluid-min-width:320;--fluid-max-width:1140;--fluid-screen:100vw;--fluid-bp:calc(
+    (var(--fluid-screen) - var(--fluid-min-width) / 16 * 1rem) /
+      (var(--fluid-max-width) - var(--fluid-min-width))
+  );--fc-3xs-min:(var(--fc-s-min) * 0.5);--fc-3xs-max:(var(--fc-s-max) * 0.5);--fc-2xs-min:(var(--fc-s-min) * 0.5);--fc-2xs-max:(var(--fc-s-max) * 0.5);--fc-xs-min:(var(--fc-s-min) * 0.75);--fc-xs-max:(var(--fc-s-max) * 0.75);--fc-s-min:(var(--f-0-min, 20));--fc-s-max:(var(--f-0-max, 24));--fc-m-min:(var(--fc-s-min) * 1.5);--fc-m-max:(var(--fc-s-max) * 1.5);--fc-l-min:(var(--fc-s-min) * 2);--fc-l-max:(var(--fc-s-max) * 2);--fc-xl-min:(var(--fc-s-min) * 3);--fc-xl-max:(var(--fc-s-max) * 3);--fc-2xl-min:(var(--fc-s-min) * 4);--fc-2xl-max:(var(--fc-s-max) * 4);--fc-3xl-min:(var(--fc-s-min) * 6);--fc-3xl-max:(var(--fc-s-max) * 6);--scale-space-3xs:calc(
+    ((var(--fc-3xs-min) / 16) * 1rem) + (var(--fc-3xs-max) - var(--fc-3xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xs:calc(
+    ((var(--fc-2xs-min) / 16) * 1rem) + (var(--fc-2xs-max) - var(--fc-2xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-xs:calc(
+    ((var(--fc-xs-min) / 16) * 1rem) + (var(--fc-xs-max) - var(--fc-xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-s:calc(
+    ((var(--fc-s-min) / 16) * 1rem) + (var(--fc-s-max) - var(--fc-s-min)) *
+      var(--fluid-bp)
+  );--scale-space-m:calc(
+    ((var(--fc-m-min) / 16) * 1rem) + (var(--fc-m-max) - var(--fc-m-min)) *
+      var(--fluid-bp)
+  );--scale-space-l:calc(
+    ((var(--fc-l-min) / 16) * 1rem) + (var(--fc-l-max) - var(--fc-l-min)) *
+      var(--fluid-bp)
+  );--scale-space-xl:calc(
+    ((var(--fc-xl-min) / 16) * 1rem) + (var(--fc-xl-max) - var(--fc-xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xl:calc(
+    ((var(--fc-2xl-min) / 16) * 1rem) + (var(--fc-2xl-max) - var(--fc-2xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-3xl:calc(
+    ((var(--fc-3xl-min) / 16) * 1rem) + (var(--fc-3xl-max) - var(--fc-3xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-3xs-2xs:calc(
+    ((var(--fc-3xs-min) / 16) * 1rem) + (var(--fc-2xs-max) - var(--fc-3xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xs-xs:calc(
+    ((var(--fc-2xs-min) / 16) * 1rem) + (var(--fc-xs-max) - var(--fc-2xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-xs-s:calc(
+    ((var(--fc-xs-min) / 16) * 1rem) + (var(--fc-s-max) - var(--fc-xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-s-m:calc(
+    ((var(--fc-s-min) / 16) * 1rem) + (var(--fc-m-max) - var(--fc-s-min)) *
+      var(--fluid-bp)
+  );--scale-space-m-l:calc(
+    ((var(--fc-m-min) / 16) * 1rem) + (var(--fc-l-max) - var(--fc-m-min)) *
+      var(--fluid-bp)
+  );--scale-space-l-xl:calc(
+    ((var(--fc-l-min) / 16) * 1rem) + (var(--fc-xl-max) - var(--fc-l-min)) *
+      var(--fluid-bp)
+  );--scale-space-xl-2xl:calc(
+    ((var(--fc-xl-min) / 16) * 1rem) + (var(--fc-2xl-max) - var(--fc-xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xl-3xl:calc(
+    ((var(--fc-2xl-min) / 16) * 1rem) + (var(--fc-3xl-max) - var(--fc-2xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-s-l:calc(
+    ((var(--fc-s-min) / 16) * 1rem) + (var(--fc-l-max) - var(--fc-s-min)) *
+      var(--fluid-bp)
+  );--color-alabaster:#f2f0e6;--color-baby-powder:#fefefa;--color-bone:#e3dac9;--color-cyan-blue:#e5e9eb;--color-firebrick:#b22222;--color-gray20:#333333;--color-red:#d7000c;--color-slategray:#708090;--color-snow:#fffafa;--color-venetian-red:#c80815;--color-white:white;--color-accent:var(--color-venetian-red);--color-background:var(--color-baby-powder);--color-background-code:var(--color-cyan-blue);--color-text:var(--color-gray20);--font-headings:Nunito,ui-sans-serif,system-ui,-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,'Helvetica Neue',Arial,'Noto Sans',sans-serif,'Apple Color Emoji','Segoe UI Emoji','Segoe UI Symbol','Noto Color Emoji';--font-body:Merriweather,ui-serif,Georgia,Cambria,'Times New Roman',Times,serif}@media screen and (min-width:1140px){:root{--fluid-screen:calc(var(--fluid-max-width) * 1px)}}@font-face{font-family:Nunito;font-display:swap;font-style:normal;font-weight:800;src:local(''),url('/assets/fonts/nunito-v16-latin-800.woff2') format('woff2'),url('/assets/fonts/nunito-v16-latin-800.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:normal;font-weight:400;src:local(''),url('/assets/fonts/merriweather-v22-latin-regular.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-regular.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:italic;font-weight:400;src:local(''),url('/assets/fonts/merriweather-v22-latin-italic.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-italic.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:normal;font-weight:700;src:local(''),url('/assets/fonts/merriweather-v22-latin-700.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-700.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:italic;font-weight:700;src:local(''),url('/assets/fonts/merriweather-v22-latin-700italic.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-700italic.woff') format('woff')}.box{--box-space:var(--scale-space-m);padding:var(--box-space,1em)}.cluster{display:flex;flex-wrap:wrap;justify-content:center;align-items:center;margin:0 auto;gap:var(--cluster-gap,1ch)}.cluster>*{--cluster-spacing:0.05em;margin:var(--cluster-spacing)}.cluster[data-align=start]{justify-content:flex-start;margin-left:0}.cluster[data-align=end]{justify-content:flex-end;margin-right:0}.flow>:not(.display\:none)+*{margin-top:var(--flow-space,1em)}.region{padding:var(--region-space,1em) 0}.stack{--stack-space:var(--scale-space-m)}.stack>*{margin-top:0;margin-bottom:0}.stack>*+*{margin-top:var(--stack-space)}.wrapper{--max-width:50rem;margin-right:auto;margin-left:auto;max-width:95vw;padding-left:1.25rem;padding-right:1.25rem;width:var(--max-width);width:clamp(16rem,95vw,var(--max-width));position:relative}</style><link rel="stylesheet" href="/assets/css/style.css"><link rel="preload" href="/assets/fonts/nunito-v16-latin-800.woff2" as="font" type="font/woff2" crossorigin=""><link rel="preload" href="/assets/fonts/merriweather-v22-latin-regular.woff2" as="font" type="font/woff2" crossorigin=""><link rel="preload" href="/assets/fonts/merriweather-v22-latin-700.woff2" as="font" type="font/woff2" crossorigin=""><link rel="alternate" type="application/rss+xml" href="/feeds/posts.xml" title="Giacomo Debidda&#39;s blog posts"><script async="" type="module" src="/assets/js/is-land.js"></script><script async="" src="/assets/js/instantpage.js"></script><script async="" src="/assets/js/async-load-prism-theme.js"></script><script defer="defer" data-domain="giacomodebidda.com" src="https://plausible.io/js/plausible.js"></script><link rel="stylesheet" href="/assets/css/components.css"><link rel="stylesheet" href="/assets/css/utilities.css"></head><body><div id="wrapper-for-sticky-footer"><header><ul class="cluster wrapper region justify-content:space-between"><li><a href="/">Giacomo Debidda</a></li><li><ul class="cluster" data-align="start"><li><a href="/blog/">Blog</a></li><li><a href="/projects/">Projects</a></li><li><a href="/about/">About</a></li><li><a href="/contact/">Contact</a></li></ul></li></ul></header><main class="wrapper"><div class="flow region"><h1>Oops! Not Found (404)</h1><p>If you were looking for a blog post, try prepending <code>posts/</code> to the blog post's slug (I might have missed some redirects when migrating the blog).</p><p>For example, type:</p><p><code>/posts/first-steps-with-postgresql/</code></p><p>instead of:</p><p><code>/first-steps-with-postgresql/</code></p><p>Otherwise simply go back to the <a href="/">home</a>, or to the <a href="/blog">blog</a>.</p></div></main><footer><div class="flow wrapper region"><ul class="cluster" data-align="end"><li><a href="/feeds/posts.xml">RSS</a></li><li><a href="https://github.com/jackdbd" rel="noopener noreferrer" target="_blank">GitHub</a></li><li><a href="https://twitter.com/jackdbd" rel="noopener noreferrer" target="_blank">Twitter</a></li><li><a href="https://www.linkedin.com/in/giacomodebidda/" rel="noopener noreferrer" target="_blank">Linkedin</a></li><li><a href="https://stackoverflow.com/users/3036129/jackdbd" rel="noopener noreferrer" target="_blank">Stack Overflow</a></li></ul><div class="flex-end"><small>Copyright © 2020 – 2022 Giacomo Debidda – All rights reserved</small></div></div></footer></div></body></html>
\ No newline at end of file
diff --git a/assets/html-pages/about/index.html b/assets/html-pages/about/index.html
new file mode 100644
index 00000000..b630b5f6
--- /dev/null
+++ b/assets/html-pages/about/index.html
@@ -0,0 +1,73 @@
+<!DOCTYPE html>
+<html data-current="about" lang="en" data-theme="default">
+  <head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="description" content="Giacomo Debidda's about page"><title>A few words about me</title><link rel="preconnect" href="https://plausible.io" crossorigin=""><link rel="dns-prefetch" href="https://plausible.io"><link rel="preconnect" href="https://res.cloudinary.com" crossorigin=""><link rel="dns-prefetch" href="https://res.cloudinary.com"><meta property="og:title" content="A few words about me"><meta property="og:type" content="website"><meta property="og:image" content="https://res.cloudinary.com/jackdbd/image/upload/v1599389496/profile-pic_k8mn6r.jpg"><meta property="og:image:alt" content="Giacomo Debidda's personal website and blog"><meta property="og:url" content="
+    https://www.giacomodebidda.com/about/
+  "><meta property="og:description" content="Giacomo Debidda's about page"><meta property="og:locale" content="en_US"><meta name="twitter:card" content="summary"><meta name="twitter:site" content="@jackdbd"><meta name="twitter:title" content="A few words about me"><meta name="twitter:description" content="Giacomo Debidda's about page"><meta name="twitter:image" content="https://res.cloudinary.com/jackdbd/image/upload/v1599389496/profile-pic_k8mn6r.jpg"><meta name="twitter:image:alt" content="Giacomo Debidda's personal website and blog"><meta name="theme-color" content="#c80815"><link rel="shortcut icon" href="/assets/img/favicon/favicon.ico"><link rel="apple-touch-icon" sizes="180x180" href="/assets/img/favicon/apple-touch-icon.png"><link rel="icon" type="image/png" sizes="32x32" href="/assets/img/favicon/favicon-32x32.png"><link rel="icon" type="image/png" sizes="16x16" href="/assets/img/favicon/favicon-16x16.png"><link rel="manifest" href="/manifest.webmanifest"><style>:root{--scale-step--2:clamp(0.7rem, 0.72rem + -0.07vw, 0.67rem);--scale-step--1:clamp(0.94rem, 0.91rem + 0.12vw, 1rem);--scale-step-0:clamp(1.25rem, 1.15rem + 0.49vw, 1.5rem);--scale-step-1:clamp(1.67rem, 1.44rem + 1.14vw, 2.25rem);--scale-step-2:clamp(2.22rem, 1.77rem + 2.25vw, 3.38rem);--scale-step-3:clamp(2.96rem, 2.14rem + 4.1vw, 5.06rem);--scale-step-4:clamp(3.95rem, 2.52rem + 7.12vw, 7.59rem);--fluid-min-width:320;--fluid-max-width:1140;--fluid-screen:100vw;--fluid-bp:calc(
+    (var(--fluid-screen) - var(--fluid-min-width) / 16 * 1rem) /
+      (var(--fluid-max-width) - var(--fluid-min-width))
+  );--fc-3xs-min:(var(--fc-s-min) * 0.5);--fc-3xs-max:(var(--fc-s-max) * 0.5);--fc-2xs-min:(var(--fc-s-min) * 0.5);--fc-2xs-max:(var(--fc-s-max) * 0.5);--fc-xs-min:(var(--fc-s-min) * 0.75);--fc-xs-max:(var(--fc-s-max) * 0.75);--fc-s-min:(var(--f-0-min, 20));--fc-s-max:(var(--f-0-max, 24));--fc-m-min:(var(--fc-s-min) * 1.5);--fc-m-max:(var(--fc-s-max) * 1.5);--fc-l-min:(var(--fc-s-min) * 2);--fc-l-max:(var(--fc-s-max) * 2);--fc-xl-min:(var(--fc-s-min) * 3);--fc-xl-max:(var(--fc-s-max) * 3);--fc-2xl-min:(var(--fc-s-min) * 4);--fc-2xl-max:(var(--fc-s-max) * 4);--fc-3xl-min:(var(--fc-s-min) * 6);--fc-3xl-max:(var(--fc-s-max) * 6);--scale-space-3xs:calc(
+    ((var(--fc-3xs-min) / 16) * 1rem) + (var(--fc-3xs-max) - var(--fc-3xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xs:calc(
+    ((var(--fc-2xs-min) / 16) * 1rem) + (var(--fc-2xs-max) - var(--fc-2xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-xs:calc(
+    ((var(--fc-xs-min) / 16) * 1rem) + (var(--fc-xs-max) - var(--fc-xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-s:calc(
+    ((var(--fc-s-min) / 16) * 1rem) + (var(--fc-s-max) - var(--fc-s-min)) *
+      var(--fluid-bp)
+  );--scale-space-m:calc(
+    ((var(--fc-m-min) / 16) * 1rem) + (var(--fc-m-max) - var(--fc-m-min)) *
+      var(--fluid-bp)
+  );--scale-space-l:calc(
+    ((var(--fc-l-min) / 16) * 1rem) + (var(--fc-l-max) - var(--fc-l-min)) *
+      var(--fluid-bp)
+  );--scale-space-xl:calc(
+    ((var(--fc-xl-min) / 16) * 1rem) + (var(--fc-xl-max) - var(--fc-xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xl:calc(
+    ((var(--fc-2xl-min) / 16) * 1rem) + (var(--fc-2xl-max) - var(--fc-2xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-3xl:calc(
+    ((var(--fc-3xl-min) / 16) * 1rem) + (var(--fc-3xl-max) - var(--fc-3xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-3xs-2xs:calc(
+    ((var(--fc-3xs-min) / 16) * 1rem) + (var(--fc-2xs-max) - var(--fc-3xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xs-xs:calc(
+    ((var(--fc-2xs-min) / 16) * 1rem) + (var(--fc-xs-max) - var(--fc-2xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-xs-s:calc(
+    ((var(--fc-xs-min) / 16) * 1rem) + (var(--fc-s-max) - var(--fc-xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-s-m:calc(
+    ((var(--fc-s-min) / 16) * 1rem) + (var(--fc-m-max) - var(--fc-s-min)) *
+      var(--fluid-bp)
+  );--scale-space-m-l:calc(
+    ((var(--fc-m-min) / 16) * 1rem) + (var(--fc-l-max) - var(--fc-m-min)) *
+      var(--fluid-bp)
+  );--scale-space-l-xl:calc(
+    ((var(--fc-l-min) / 16) * 1rem) + (var(--fc-xl-max) - var(--fc-l-min)) *
+      var(--fluid-bp)
+  );--scale-space-xl-2xl:calc(
+    ((var(--fc-xl-min) / 16) * 1rem) + (var(--fc-2xl-max) - var(--fc-xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xl-3xl:calc(
+    ((var(--fc-2xl-min) / 16) * 1rem) + (var(--fc-3xl-max) - var(--fc-2xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-s-l:calc(
+    ((var(--fc-s-min) / 16) * 1rem) + (var(--fc-l-max) - var(--fc-s-min)) *
+      var(--fluid-bp)
+  );--color-alabaster:#f2f0e6;--color-baby-powder:#fefefa;--color-bone:#e3dac9;--color-cyan-blue:#e5e9eb;--color-firebrick:#b22222;--color-gray20:#333333;--color-red:#d7000c;--color-slategray:#708090;--color-snow:#fffafa;--color-venetian-red:#c80815;--color-white:white;--color-accent:var(--color-venetian-red);--color-background:var(--color-baby-powder);--color-background-code:var(--color-cyan-blue);--color-text:var(--color-gray20);--font-headings:Nunito,ui-sans-serif,system-ui,-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,'Helvetica Neue',Arial,'Noto Sans',sans-serif,'Apple Color Emoji','Segoe UI Emoji','Segoe UI Symbol','Noto Color Emoji';--font-body:Merriweather,ui-serif,Georgia,Cambria,'Times New Roman',Times,serif}@media screen and (min-width:1140px){:root{--fluid-screen:calc(var(--fluid-max-width) * 1px)}}@font-face{font-family:Nunito;font-display:swap;font-style:normal;font-weight:800;src:local(''),url('/assets/fonts/nunito-v16-latin-800.woff2') format('woff2'),url('/assets/fonts/nunito-v16-latin-800.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:normal;font-weight:400;src:local(''),url('/assets/fonts/merriweather-v22-latin-regular.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-regular.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:italic;font-weight:400;src:local(''),url('/assets/fonts/merriweather-v22-latin-italic.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-italic.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:normal;font-weight:700;src:local(''),url('/assets/fonts/merriweather-v22-latin-700.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-700.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:italic;font-weight:700;src:local(''),url('/assets/fonts/merriweather-v22-latin-700italic.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-700italic.woff') format('woff')}.box{--box-space:var(--scale-space-m);padding:var(--box-space,1em)}.cluster{display:flex;flex-wrap:wrap;justify-content:center;align-items:center;margin:0 auto;gap:var(--cluster-gap,1ch)}.cluster>*{--cluster-spacing:0.05em;margin:var(--cluster-spacing)}.cluster[data-align=start]{justify-content:flex-start;margin-left:0}.cluster[data-align=end]{justify-content:flex-end;margin-right:0}.flow>:not(.display\:none)+*{margin-top:var(--flow-space,1em)}.region{padding:var(--region-space,1em) 0}.stack{--stack-space:var(--scale-space-m)}.stack>*{margin-top:0;margin-bottom:0}.stack>*+*{margin-top:var(--stack-space)}.wrapper{--max-width:50rem;margin-right:auto;margin-left:auto;max-width:95vw;padding-left:1.25rem;padding-right:1.25rem;width:var(--max-width);width:clamp(16rem,95vw,var(--max-width));position:relative}</style>
+  <link rel="stylesheet" href="/assets/css/style.css"><link rel="preload" href="/assets/fonts/nunito-v16-latin-800.woff2" as="font" type="font/woff2" crossorigin=""><link rel="preload" href="/assets/fonts/merriweather-v22-latin-regular.woff2" as="font" type="font/woff2" crossorigin=""><link rel="preload" href="/assets/fonts/merriweather-v22-latin-700.woff2" as="font" type="font/woff2" crossorigin="">
+  <link rel="alternate" type="application/rss+xml" href="/feeds/posts.xml" title="Giacomo Debidda's blog posts">
+  <script async="" type="module" src="/assets/js/is-land.js"></script>
+  <script async="" src="/assets/js/instantpage.js"></script>
+  <script async="" src="/assets/js/async-load-prism-theme.js"></script>
+  <script defer="defer" data-domain="giacomodebidda.com" src="https://plausible.io/js/plausible.js"></script>
+  <link rel="stylesheet" href="/assets/css/components.css"><link rel="stylesheet" href="/assets/css/utilities.css"></head>
+  <body>
+    <div id="wrapper-for-sticky-footer"><header><ul class="cluster wrapper region justify-content:space-between"><li><a href="/">Giacomo Debidda</a></li><li><ul class="cluster" data-align="start"><li><a href="/blog/">Blog</a></li><li><a href="/projects/">Projects</a></li><li><a href="/about/" data-current="current item">About</a></li><li><a href="/contact/">Contact</a></li></ul></li></ul></header><main class="wrapper"><div class="flow region"><h1>A few words about me</h1><div class="stack stack-space:l"><p class="margin-top:l">Hi! I'm Giacomo, a freelance full-stack software developer from Italy.</p><div><section class="stack"><div class="stack text-to-speech"><h2>Professional experience</h2><p>I've been writing software for more than 20 years, starting with little scripts in <a href="https://en.wikipedia.org/wiki/Turbo_Pascal">Turbo Pascal</a> when I was in high school, signal/image processing programs in Matlab when at the University (I am a biomedical engineer by training), and applications of various nature in my professional life: data analysis programs in R and Python; web applications in JavaScript, TypeScript and ClojureScript; native applications in Zig.</p><p>Nowadays I specialize in developing services in Node.js on Google Cloud Platform. I am also pretty familiar with Clojure and its ecosystem. If you need to target the Java Virtual Machine, I can help.</p></div><audio controls=""><source src="https://storage.googleapis.com/bkt-eleventy-plugin-text-to-speech-audio-files/9366a2808025f44371991f6569db3017.opus" type="audio/ogg"><source src="https://storage.googleapis.com/bkt-eleventy-plugin-text-to-speech-audio-files/9366a2808025f44371991f6569db3017.mp3" type="audio/mpeg"><p>Your browser doesn't support HTML5 <code>audio</code>. Here are the links to the audio files instead:</p><ul><li><a href="https://storage.googleapis.com/bkt-eleventy-plugin-text-to-speech-audio-files/9366a2808025f44371991f6569db3017.opus" target="_blank">https://storage.googleapis.com/bkt-eleventy-plugin-text-to-speech-audio-files/9366a2808025f44371991f6569db3017.opus</a></li><li><a href="https://storage.googleapis.com/bkt-eleventy-plugin-text-to-speech-audio-files/9366a2808025f44371991f6569db3017.mp3" target="_blank">https://storage.googleapis.com/bkt-eleventy-plugin-text-to-speech-audio-files/9366a2808025f44371991f6569db3017.mp3</a></li></ul></audio><div class="callout callout--tip"><div class="callout__content"><p>💡 — You can also <em>listen</em> to the description above.</p><p>The text is automatically synthesized into speech using <a href="https://www.npmjs.com/package/@jackdbd/eleventy-plugin-text-to-speech">@jackdbd/eleventy-plugin-text-to-speech</a>, an <a href="https://www.11ty.dev/">Eleventy</a> plugin that uses the <a href="https://cloud.google.com/text-to-speech">Cloud Text-to-Speech API</a>.</p></div></div><p>In case you need it, here is <a href="https://github.com/jackdbd/jackdbd/raw/main/assets/cv.pdf" download="">my CV in PDF</a>.</p></section></div><div><section class="stack"><h2>Talks</h2><p>Pre-COVID era I used to give talks at conferences and Meetups. Here are a few ones I shortlisted:</p><ul class="stack"><li class="flow"><div class="stack stack-space:s"><h3>Data visualization con Python: teoria e pratica</h3><div class="cluster" data-align="start"><p>🗣️ <span>Italian</span></p><p>🔗 <a href="https://github.com/jackdbd/python-firenze-meetup-2020-02-06" target="_blank">Link</a></p></div><p>In this presentation I gave at PyFirenze I talked about the fundamentals of data visualization (visual perception, tidy data, the grammar of graphics) and showed many examples fo various type of charts in Altair.</p></div></li><li class="flow"><div class="stack stack-space:s"><h3>Approaching geovisualization and remote sensing with GeoViews</h3><div class="cluster" data-align="start"><p>🗣️ <span>English</span></p><p>🔗 <a href="https://github.com/jackdbd/geoviews-geopython-2018" target="_blank">Link</a></p></div><p>In this conference talk I gave at GeoPython I used a shapefile and a few python libraries to show a simple geospatial analysis of Basel districts.</p></div></li><li class="flow"><div class="stack stack-space:s"><h3>High Performance Data Analysis with big HDF5 files in Python</h3><div class="cluster" data-align="start"><p>🗣️ <span>English</span></p><p>🔗 <a href="https://github.com/jackdbd/hdf5-pydata-munich" target="_blank">Link</a></p></div><p>In this tutorial I gave at PyData Munich I showed how to load the entire NYC Taxi &amp; Limousine Commission dataset into an HDF5 dataset, analyze it with pandas and PyTables, and visualize it using Datashader.</p></div></li></ul><div class="callout callout--info"><div class="callout__content"><p>ℹ️ — I keep track of all of my talks in <a href="https://github.com/jackdbd/talks">this GitHub repo</a>, where you can find links to the relevant material for each talk.</p></div></div></section></div><div><section class="stack"><h2>Hobbies</h2><p>I like both surf skating and inline skating. I try doing either one of the two at least 3 times a week. I also have an all-terrain electric skateboard. It's pretty cool.</p><div class="callout callout--warn"><div class="callout__content"><p>⚠️ — Always wear a helmet when you ride. <a href="https://youtu.be/b9yL5usLFgY">I love helmets</a>.</p></div></div></section></div><div><section class="stack"><h2>Find me online</h2><p>I'm on <a href="https://github.com/jackdbd">GitHub</a>, <a href="https://stackoverflow.com/users/3036129/jackdbd">Stack Overflow</a>, <a href="https://www.linkedin.com/in/giacomodebidda/">LinkedIn</a> and—rarely—on <a href="https://twitter.com/jackdbd">Twitter</a>. I'm also on <a href="https://www.goodreads.com/user/show/76503683-giacomo-debidda">Goodreads</a> if you have any books you want to recommend me.</p><p>For availability and rates, please <a href="mailto:giacomo@giacomodebidda.com"><strong>email me</strong></a>.</p></section></div></div></div></main><footer><div class="flow wrapper region"><ul class="cluster" data-align="end"><li><a href="/feeds/posts.xml">RSS</a></li><li><a href="https://github.com/jackdbd" rel="noopener noreferrer" target="_blank">GitHub</a></li><li><a href="https://twitter.com/jackdbd" rel="noopener noreferrer" target="_blank">Twitter</a></li><li><a href="https://www.linkedin.com/in/giacomodebidda/" rel="noopener noreferrer" target="_blank">Linkedin</a></li><li><a href="https://stackoverflow.com/users/3036129/jackdbd" rel="noopener noreferrer" target="_blank">Stack Overflow</a></li></ul><div class="flex-end"><small>Copyright © 2020 – 2022 Giacomo Debidda – All rights reserved</small></div></div></footer></div>
+  </body>
+</html>
\ No newline at end of file
diff --git a/assets/html-pages/index.html b/assets/html-pages/index.html
new file mode 100644
index 00000000..8b92ea80
--- /dev/null
+++ b/assets/html-pages/index.html
@@ -0,0 +1,69 @@
+<!doctype html>
+<html data-current="home" lang="en" data-theme="default">
+  <head><meta charset="utf-8"><meta name="viewport" content="width=device-width,initial-scale=1"><meta name="description" content="Giacomo Debidda&#39;s personal website"><title>Hi there!</title><link rel="preconnect" href="https://plausible.io" crossorigin=""><link rel="dns-prefetch" href="https://plausible.io"><link rel="preconnect" href="https://res.cloudinary.com" crossorigin=""><link rel="dns-prefetch" href="https://res.cloudinary.com"><meta property="og:title" content="Hi there!"><meta property="og:type" content="website"><meta property="og:image" content="https://res.cloudinary.com/jackdbd/image/upload/v1599389496/profile-pic_k8mn6r.jpg"><meta property="og:image:alt" content="Giacomo Debidda&#39;s personal website and blog"><meta property="og:url" content="
+    https://www.giacomodebidda.com/
+  "><meta property="og:description" content="Giacomo Debidda&#39;s personal website"><meta property="og:locale" content="en_US"><meta name="twitter:card" content="summary"><meta name="twitter:site" content="@jackdbd"><meta name="twitter:title" content="Hi there!"><meta name="twitter:description" content="Giacomo Debidda&#39;s personal website"><meta name="twitter:image" content="https://res.cloudinary.com/jackdbd/image/upload/v1599389496/profile-pic_k8mn6r.jpg"><meta name="twitter:image:alt" content="Giacomo Debidda&#39;s personal website and blog"><meta name="theme-color" content="#c80815"><link rel="shortcut icon" href="/assets/img/favicon/favicon.ico"><link rel="apple-touch-icon" sizes="180x180" href="/assets/img/favicon/apple-touch-icon.png"><link rel="icon" type="image/png" sizes="32x32" href="/assets/img/favicon/favicon-32x32.png"><link rel="icon" type="image/png" sizes="16x16" href="/assets/img/favicon/favicon-16x16.png"><link rel="manifest" href="/manifest.webmanifest"><style>:root{--scale-step--2:clamp(0.7rem, 0.72rem + -0.07vw, 0.67rem);--scale-step--1:clamp(0.94rem, 0.91rem + 0.12vw, 1rem);--scale-step-0:clamp(1.25rem, 1.15rem + 0.49vw, 1.5rem);--scale-step-1:clamp(1.67rem, 1.44rem + 1.14vw, 2.25rem);--scale-step-2:clamp(2.22rem, 1.77rem + 2.25vw, 3.38rem);--scale-step-3:clamp(2.96rem, 2.14rem + 4.1vw, 5.06rem);--scale-step-4:clamp(3.95rem, 2.52rem + 7.12vw, 7.59rem);--fluid-min-width:320;--fluid-max-width:1140;--fluid-screen:100vw;--fluid-bp:calc(
+    (var(--fluid-screen) - var(--fluid-min-width) / 16 * 1rem) /
+      (var(--fluid-max-width) - var(--fluid-min-width))
+  );--fc-3xs-min:(var(--fc-s-min) * 0.5);--fc-3xs-max:(var(--fc-s-max) * 0.5);--fc-2xs-min:(var(--fc-s-min) * 0.5);--fc-2xs-max:(var(--fc-s-max) * 0.5);--fc-xs-min:(var(--fc-s-min) * 0.75);--fc-xs-max:(var(--fc-s-max) * 0.75);--fc-s-min:(var(--f-0-min, 20));--fc-s-max:(var(--f-0-max, 24));--fc-m-min:(var(--fc-s-min) * 1.5);--fc-m-max:(var(--fc-s-max) * 1.5);--fc-l-min:(var(--fc-s-min) * 2);--fc-l-max:(var(--fc-s-max) * 2);--fc-xl-min:(var(--fc-s-min) * 3);--fc-xl-max:(var(--fc-s-max) * 3);--fc-2xl-min:(var(--fc-s-min) * 4);--fc-2xl-max:(var(--fc-s-max) * 4);--fc-3xl-min:(var(--fc-s-min) * 6);--fc-3xl-max:(var(--fc-s-max) * 6);--scale-space-3xs:calc(
+    ((var(--fc-3xs-min) / 16) * 1rem) + (var(--fc-3xs-max) - var(--fc-3xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xs:calc(
+    ((var(--fc-2xs-min) / 16) * 1rem) + (var(--fc-2xs-max) - var(--fc-2xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-xs:calc(
+    ((var(--fc-xs-min) / 16) * 1rem) + (var(--fc-xs-max) - var(--fc-xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-s:calc(
+    ((var(--fc-s-min) / 16) * 1rem) + (var(--fc-s-max) - var(--fc-s-min)) *
+      var(--fluid-bp)
+  );--scale-space-m:calc(
+    ((var(--fc-m-min) / 16) * 1rem) + (var(--fc-m-max) - var(--fc-m-min)) *
+      var(--fluid-bp)
+  );--scale-space-l:calc(
+    ((var(--fc-l-min) / 16) * 1rem) + (var(--fc-l-max) - var(--fc-l-min)) *
+      var(--fluid-bp)
+  );--scale-space-xl:calc(
+    ((var(--fc-xl-min) / 16) * 1rem) + (var(--fc-xl-max) - var(--fc-xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xl:calc(
+    ((var(--fc-2xl-min) / 16) * 1rem) + (var(--fc-2xl-max) - var(--fc-2xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-3xl:calc(
+    ((var(--fc-3xl-min) / 16) * 1rem) + (var(--fc-3xl-max) - var(--fc-3xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-3xs-2xs:calc(
+    ((var(--fc-3xs-min) / 16) * 1rem) + (var(--fc-2xs-max) - var(--fc-3xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xs-xs:calc(
+    ((var(--fc-2xs-min) / 16) * 1rem) + (var(--fc-xs-max) - var(--fc-2xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-xs-s:calc(
+    ((var(--fc-xs-min) / 16) * 1rem) + (var(--fc-s-max) - var(--fc-xs-min)) *
+      var(--fluid-bp)
+  );--scale-space-s-m:calc(
+    ((var(--fc-s-min) / 16) * 1rem) + (var(--fc-m-max) - var(--fc-s-min)) *
+      var(--fluid-bp)
+  );--scale-space-m-l:calc(
+    ((var(--fc-m-min) / 16) * 1rem) + (var(--fc-l-max) - var(--fc-m-min)) *
+      var(--fluid-bp)
+  );--scale-space-l-xl:calc(
+    ((var(--fc-l-min) / 16) * 1rem) + (var(--fc-xl-max) - var(--fc-l-min)) *
+      var(--fluid-bp)
+  );--scale-space-xl-2xl:calc(
+    ((var(--fc-xl-min) / 16) * 1rem) + (var(--fc-2xl-max) - var(--fc-xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-2xl-3xl:calc(
+    ((var(--fc-2xl-min) / 16) * 1rem) + (var(--fc-3xl-max) - var(--fc-2xl-min)) *
+      var(--fluid-bp)
+  );--scale-space-s-l:calc(
+    ((var(--fc-s-min) / 16) * 1rem) + (var(--fc-l-max) - var(--fc-s-min)) *
+      var(--fluid-bp)
+  );--color-alabaster:#f2f0e6;--color-baby-powder:#fefefa;--color-bone:#e3dac9;--color-cyan-blue:#e5e9eb;--color-firebrick:#b22222;--color-gray20:#333333;--color-red:#d7000c;--color-slategray:#708090;--color-snow:#fffafa;--color-venetian-red:#c80815;--color-white:white;--color-accent:var(--color-venetian-red);--color-background:var(--color-baby-powder);--color-background-code:var(--color-cyan-blue);--color-text:var(--color-gray20);--font-headings:Nunito,ui-sans-serif,system-ui,-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,'Helvetica Neue',Arial,'Noto Sans',sans-serif,'Apple Color Emoji','Segoe UI Emoji','Segoe UI Symbol','Noto Color Emoji';--font-body:Merriweather,ui-serif,Georgia,Cambria,'Times New Roman',Times,serif}@media screen and (min-width:1140px){:root{--fluid-screen:calc(var(--fluid-max-width) * 1px)}}@font-face{font-family:Nunito;font-display:swap;font-style:normal;font-weight:800;src:local(''),url('/assets/fonts/nunito-v16-latin-800.woff2') format('woff2'),url('/assets/fonts/nunito-v16-latin-800.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:normal;font-weight:400;src:local(''),url('/assets/fonts/merriweather-v22-latin-regular.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-regular.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:italic;font-weight:400;src:local(''),url('/assets/fonts/merriweather-v22-latin-italic.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-italic.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:normal;font-weight:700;src:local(''),url('/assets/fonts/merriweather-v22-latin-700.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-700.woff') format('woff')}@font-face{font-family:Merriweather;font-display:swap;font-style:italic;font-weight:700;src:local(''),url('/assets/fonts/merriweather-v22-latin-700italic.woff2') format('woff2'),url('/assets/fonts/merriweather-v22-latin-700italic.woff') format('woff')}.box{--box-space:var(--scale-space-m);padding:var(--box-space,1em)}.cluster{display:flex;flex-wrap:wrap;justify-content:center;align-items:center;margin:0 auto;gap:var(--cluster-gap,1ch)}.cluster>*{--cluster-spacing:0.05em;margin:var(--cluster-spacing)}.cluster[data-align=start]{justify-content:flex-start;margin-left:0}.cluster[data-align=end]{justify-content:flex-end;margin-right:0}.flow>:not(.display\:none)+*{margin-top:var(--flow-space,1em)}.region{padding:var(--region-space,1em) 0}.stack{--stack-space:var(--scale-space-m)}.stack>*{margin-top:0;margin-bottom:0}.stack>*+*{margin-top:var(--stack-space)}.wrapper{--max-width:50rem;margin-right:auto;margin-left:auto;max-width:95vw;padding-left:1.25rem;padding-right:1.25rem;width:var(--max-width);width:clamp(16rem,95vw,var(--max-width));position:relative}</style><link rel="stylesheet" href="/assets/css/style.css"><link rel="preload" href="/assets/fonts/nunito-v16-latin-800.woff2" as="font" type="font/woff2" crossorigin=""><link rel="preload" href="/assets/fonts/merriweather-v22-latin-regular.woff2" as="font" type="font/woff2" crossorigin=""><link rel="preload" href="/assets/fonts/merriweather-v22-latin-700.woff2" as="font" type="font/woff2" crossorigin=""><link rel="alternate" type="application/rss+xml" href="/feeds/posts.xml" title="Giacomo Debidda&#39;s blog posts"><script async="" type="module" src="/assets/js/is-land.js"></script><script async="" src="/assets/js/instantpage.js"></script><script async="" src="/assets/js/async-load-prism-theme.js"></script><script defer="defer" data-domain="giacomodebidda.com" src="https://plausible.io/js/plausible.js"></script><link rel="stylesheet" href="/assets/css/components.css"><link rel="stylesheet" href="/assets/css/utilities.css"><script async="" src="/assets/js/sw-registration.js"></script>
+  <script>console.log("script number 0")</script>
+  <script>alert("script number 1")</script>
+  </head>
+  <body>
+    <div id="wrapper-for-sticky-footer"><header><ul class="cluster wrapper region justify-content:space-between"><li><a href="/">Giacomo Debidda</a></li><li><ul class="cluster" data-align="start"><li><a href="/blog/">Blog</a></li><li><a href="/projects/">Projects</a></li><li><a href="/about/">About</a></li><li><a href="/contact/">Contact</a></li></ul></li></ul></header><main class="wrapper"><div class="flow region"><h1>Hi there!</h1><p>I'm Giacomo Debidda, also known as <a href="https://twitter.com/jackdbd" rel="noopener noreferrer" target="_blank">@jackdbd</a> on the Internet.</p><h2>Recent articles</h2><ul class="flow post-list"><li class="flow"><h2><a href="/posts/inspect-container-images-with-dive/">Inspect container images with dive</a></h2><p><time datetime="2022-02-04"><strong>04 Feb 2022</strong> </time><span>|</span> <span>4 min read</span></p></li><li class="flow"><h2><a href="/posts/test-your-javascript-on-multiple-engines-with-eshost-cli-and-jsvu/">Test your JavaScript on multiple engines with eshost-cli and jsvu</a></h2><p><time datetime="2021-05-07"><strong>07 May 2021</strong> </time><span>|</span> <span>3 min read</span></p></li><li class="flow"><h2><a href="/posts/generate-and-view-har-files/">Generate and view HAR files</a></h2><p><time datetime="2021-05-06"><strong>06 May 2021</strong> </time><span>|</span> <span>4 min read</span></p></li></ul></div></main><footer><div class="flow wrapper region"><ul class="cluster" data-align="end"><li><a href="/feeds/posts.xml">RSS</a></li><li><a href="https://github.com/jackdbd" rel="noopener noreferrer" target="_blank">GitHub</a></li><li><a href="https://twitter.com/jackdbd" rel="noopener noreferrer" target="_blank">Twitter</a></li><li><a href="https://www.linkedin.com/in/giacomodebidda/" rel="noopener noreferrer" target="_blank">Linkedin</a></li><li><a href="https://stackoverflow.com/users/3036129/jackdbd" rel="noopener noreferrer" target="_blank">Stack Overflow</a></li></ul><div class="flex-end"><small>Copyright © 2020 – 2022 Giacomo Debidda – All rights reserved</small></div></div></footer></div>
+  </body>
+</html>
\ No newline at end of file
diff --git a/config/jest.cjs b/config/jest.cjs
index 388e85c4..9ad21183 100644
--- a/config/jest.cjs
+++ b/config/jest.cjs
@@ -80,6 +80,7 @@ const projects = [
   project('checks'),
   project('cloud-scheduler-utils'),
   project('cloud-tasks-utils'),
+  project('content-security-policy'),
   project('fattureincloud-client'),
   project('firestore-utils'),
   project('keap-client'),
diff --git a/custom-types/himalaya/index.d.ts b/custom-types/himalaya/index.d.ts
new file mode 100644
index 00000000..c9f26470
--- /dev/null
+++ b/custom-types/himalaya/index.d.ts
@@ -0,0 +1,16 @@
+declare module 'himalaya' {
+  export interface HimalayaJson {
+    children: any
+    content: string
+    tagName: string
+    filter: (predicate: (x: any) => boolean) => any
+  }
+
+  export interface Options {
+    includePositions: boolean
+  }
+
+  export function parse(html: string, options: Options): HimalayaJson
+
+  export const parseDefaults: Options
+}
diff --git a/docs/content-security-policy/.nojekyll b/docs/content-security-policy/.nojekyll
new file mode 100644
index 00000000..e2ac6616
--- /dev/null
+++ b/docs/content-security-policy/.nojekyll
@@ -0,0 +1 @@
+TypeDoc added this file to prevent GitHub Pages from using Jekyll. You can turn off this behavior by setting the `githubPages` option to false.
\ No newline at end of file
diff --git a/docs/content-security-policy/assets/highlight.css b/docs/content-security-policy/assets/highlight.css
new file mode 100644
index 00000000..1b78686f
--- /dev/null
+++ b/docs/content-security-policy/assets/highlight.css
@@ -0,0 +1,29 @@
+:root {
+    --light-hl-0: #000000;
+    --dark-hl-0: #D4D4D4;
+    --light-code-background: #FFFFFF;
+    --dark-code-background: #1E1E1E;
+}
+
+@media (prefers-color-scheme: light) { :root {
+    --hl-0: var(--light-hl-0);
+    --code-background: var(--light-code-background);
+} }
+
+@media (prefers-color-scheme: dark) { :root {
+    --hl-0: var(--dark-hl-0);
+    --code-background: var(--dark-code-background);
+} }
+
+:root[data-theme='light'] {
+    --hl-0: var(--light-hl-0);
+    --code-background: var(--light-code-background);
+}
+
+:root[data-theme='dark'] {
+    --hl-0: var(--dark-hl-0);
+    --code-background: var(--dark-code-background);
+}
+
+.hl-0 { color: var(--hl-0); }
+pre, code { background: var(--code-background); }
diff --git a/docs/content-security-policy/assets/main.js b/docs/content-security-policy/assets/main.js
new file mode 100644
index 00000000..abd0485a
--- /dev/null
+++ b/docs/content-security-policy/assets/main.js
@@ -0,0 +1,54 @@
+"use strict";
+"use strict";(()=>{var Qe=Object.create;var ae=Object.defineProperty;var Pe=Object.getOwnPropertyDescriptor;var Ce=Object.getOwnPropertyNames;var Oe=Object.getPrototypeOf,Re=Object.prototype.hasOwnProperty;var _e=(t,e)=>()=>(e||t((e={exports:{}}).exports,e),e.exports);var Me=(t,e,n,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let i of Ce(e))!Re.call(t,i)&&i!==n&&ae(t,i,{get:()=>e[i],enumerable:!(r=Pe(e,i))||r.enumerable});return t};var De=(t,e,n)=>(n=t!=null?Qe(Oe(t)):{},Me(e||!t||!t.__esModule?ae(n,"default",{value:t,enumerable:!0}):n,t));var de=_e((ce,he)=>{(function(){var t=function(e){var n=new t.Builder;return n.pipeline.add(t.trimmer,t.stopWordFilter,t.stemmer),n.searchPipeline.add(t.stemmer),e.call(n,n),n.build()};t.version="2.3.9";t.utils={},t.utils.warn=function(e){return function(n){e.console&&console.warn&&console.warn(n)}}(this),t.utils.asString=function(e){return e==null?"":e.toString()},t.utils.clone=function(e){if(e==null)return e;for(var n=Object.create(null),r=Object.keys(e),i=0;i<r.length;i++){var s=r[i],o=e[s];if(Array.isArray(o)){n[s]=o.slice();continue}if(typeof o=="string"||typeof o=="number"||typeof o=="boolean"){n[s]=o;continue}throw new TypeError("clone is not deep and does not support nested objects")}return n},t.FieldRef=function(e,n,r){this.docRef=e,this.fieldName=n,this._stringValue=r},t.FieldRef.joiner="/",t.FieldRef.fromString=function(e){var n=e.indexOf(t.FieldRef.joiner);if(n===-1)throw"malformed field ref string";var r=e.slice(0,n),i=e.slice(n+1);return new t.FieldRef(i,r,e)},t.FieldRef.prototype.toString=function(){return this._stringValue==null&&(this._stringValue=this.fieldName+t.FieldRef.joiner+this.docRef),this._stringValue};t.Set=function(e){if(this.elements=Object.create(null),e){this.length=e.length;for(var n=0;n<this.length;n++)this.elements[e[n]]=!0}else this.length=0},t.Set.complete={intersect:function(e){return e},union:function(){return this},contains:function(){return!0}},t.Set.empty={intersect:function(){return this},union:function(e){return e},contains:function(){return!1}},t.Set.prototype.contains=function(e){return!!this.elements[e]},t.Set.prototype.intersect=function(e){var n,r,i,s=[];if(e===t.Set.complete)return this;if(e===t.Set.empty)return e;this.length<e.length?(n=this,r=e):(n=e,r=this),i=Object.keys(n.elements);for(var o=0;o<i.length;o++){var a=i[o];a in r.elements&&s.push(a)}return new t.Set(s)},t.Set.prototype.union=function(e){return e===t.Set.complete?t.Set.complete:e===t.Set.empty?this:new t.Set(Object.keys(this.elements).concat(Object.keys(e.elements)))},t.idf=function(e,n){var r=0;for(var i in e)i!="_index"&&(r+=Object.keys(e[i]).length);var s=(n-r+.5)/(r+.5);return Math.log(1+Math.abs(s))},t.Token=function(e,n){this.str=e||"",this.metadata=n||{}},t.Token.prototype.toString=function(){return this.str},t.Token.prototype.update=function(e){return this.str=e(this.str,this.metadata),this},t.Token.prototype.clone=function(e){return e=e||function(n){return n},new t.Token(e(this.str,this.metadata),this.metadata)};t.tokenizer=function(e,n){if(e==null||e==null)return[];if(Array.isArray(e))return e.map(function(m){return new t.Token(t.utils.asString(m).toLowerCase(),t.utils.clone(n))});for(var r=e.toString().toLowerCase(),i=r.length,s=[],o=0,a=0;o<=i;o++){var u=r.charAt(o),l=o-a;if(u.match(t.tokenizer.separator)||o==i){if(l>0){var h=t.utils.clone(n)||{};h.position=[a,l],h.index=s.length,s.push(new t.Token(r.slice(a,o),h))}a=o+1}}return s},t.tokenizer.separator=/[\s\-]+/;t.Pipeline=function(){this._stack=[]},t.Pipeline.registeredFunctions=Object.create(null),t.Pipeline.registerFunction=function(e,n){n in this.registeredFunctions&&t.utils.warn("Overwriting existing registered function: "+n),e.label=n,t.Pipeline.registeredFunctions[e.label]=e},t.Pipeline.warnIfFunctionNotRegistered=function(e){var n=e.label&&e.label in this.registeredFunctions;n||t.utils.warn(`Function is not registered with pipeline. This may cause problems when serialising the index.
+`,e)},t.Pipeline.load=function(e){var n=new t.Pipeline;return e.forEach(function(r){var i=t.Pipeline.registeredFunctions[r];if(i)n.add(i);else throw new Error("Cannot load unregistered function: "+r)}),n},t.Pipeline.prototype.add=function(){var e=Array.prototype.slice.call(arguments);e.forEach(function(n){t.Pipeline.warnIfFunctionNotRegistered(n),this._stack.push(n)},this)},t.Pipeline.prototype.after=function(e,n){t.Pipeline.warnIfFunctionNotRegistered(n);var r=this._stack.indexOf(e);if(r==-1)throw new Error("Cannot find existingFn");r=r+1,this._stack.splice(r,0,n)},t.Pipeline.prototype.before=function(e,n){t.Pipeline.warnIfFunctionNotRegistered(n);var r=this._stack.indexOf(e);if(r==-1)throw new Error("Cannot find existingFn");this._stack.splice(r,0,n)},t.Pipeline.prototype.remove=function(e){var n=this._stack.indexOf(e);n!=-1&&this._stack.splice(n,1)},t.Pipeline.prototype.run=function(e){for(var n=this._stack.length,r=0;r<n;r++){for(var i=this._stack[r],s=[],o=0;o<e.length;o++){var a=i(e[o],o,e);if(!(a==null||a===""))if(Array.isArray(a))for(var u=0;u<a.length;u++)s.push(a[u]);else s.push(a)}e=s}return e},t.Pipeline.prototype.runString=function(e,n){var r=new t.Token(e,n);return this.run([r]).map(function(i){return i.toString()})},t.Pipeline.prototype.reset=function(){this._stack=[]},t.Pipeline.prototype.toJSON=function(){return this._stack.map(function(e){return t.Pipeline.warnIfFunctionNotRegistered(e),e.label})};t.Vector=function(e){this._magnitude=0,this.elements=e||[]},t.Vector.prototype.positionForIndex=function(e){if(this.elements.length==0)return 0;for(var n=0,r=this.elements.length/2,i=r-n,s=Math.floor(i/2),o=this.elements[s*2];i>1&&(o<e&&(n=s),o>e&&(r=s),o!=e);)i=r-n,s=n+Math.floor(i/2),o=this.elements[s*2];if(o==e||o>e)return s*2;if(o<e)return(s+1)*2},t.Vector.prototype.insert=function(e,n){this.upsert(e,n,function(){throw"duplicate index"})},t.Vector.prototype.upsert=function(e,n,r){this._magnitude=0;var i=this.positionForIndex(e);this.elements[i]==e?this.elements[i+1]=r(this.elements[i+1],n):this.elements.splice(i,0,e,n)},t.Vector.prototype.magnitude=function(){if(this._magnitude)return this._magnitude;for(var e=0,n=this.elements.length,r=1;r<n;r+=2){var i=this.elements[r];e+=i*i}return this._magnitude=Math.sqrt(e)},t.Vector.prototype.dot=function(e){for(var n=0,r=this.elements,i=e.elements,s=r.length,o=i.length,a=0,u=0,l=0,h=0;l<s&&h<o;)a=r[l],u=i[h],a<u?l+=2:a>u?h+=2:a==u&&(n+=r[l+1]*i[h+1],l+=2,h+=2);return n},t.Vector.prototype.similarity=function(e){return this.dot(e)/this.magnitude()||0},t.Vector.prototype.toArray=function(){for(var e=new Array(this.elements.length/2),n=1,r=0;n<this.elements.length;n+=2,r++)e[r]=this.elements[n];return e},t.Vector.prototype.toJSON=function(){return this.elements};t.stemmer=function(){var e={ational:"ate",tional:"tion",enci:"ence",anci:"ance",izer:"ize",bli:"ble",alli:"al",entli:"ent",eli:"e",ousli:"ous",ization:"ize",ation:"ate",ator:"ate",alism:"al",iveness:"ive",fulness:"ful",ousness:"ous",aliti:"al",iviti:"ive",biliti:"ble",logi:"log"},n={icate:"ic",ative:"",alize:"al",iciti:"ic",ical:"ic",ful:"",ness:""},r="[^aeiou]",i="[aeiouy]",s=r+"[^aeiouy]*",o=i+"[aeiou]*",a="^("+s+")?"+o+s,u="^("+s+")?"+o+s+"("+o+")?$",l="^("+s+")?"+o+s+o+s,h="^("+s+")?"+i,m=new RegExp(a),v=new RegExp(l),b=new RegExp(u),y=new RegExp(h),E=/^(.+?)(ss|i)es$/,f=/^(.+?)([^s])s$/,p=/^(.+?)eed$/,w=/^(.+?)(ed|ing)$/,S=/.$/,I=/(at|bl|iz)$/,_=new RegExp("([^aeiouylsz])\\1$"),z=new RegExp("^"+s+i+"[^aeiouwxy]$"),A=/^(.+?[^aeiou])y$/,q=/^(.+?)(ational|tional|enci|anci|izer|bli|alli|entli|eli|ousli|ization|ation|ator|alism|iveness|fulness|ousness|aliti|iviti|biliti|logi)$/,$=/^(.+?)(icate|ative|alize|iciti|ical|ful|ness)$/,V=/^(.+?)(al|ance|ence|er|ic|able|ible|ant|ement|ment|ent|ou|ism|ate|iti|ous|ive|ize)$/,W=/^(.+?)(s|t)(ion)$/,P=/^(.+?)e$/,U=/ll$/,G=new RegExp("^"+s+i+"[^aeiouwxy]$"),N=function(c){var g,C,T,d,x,O,D;if(c.length<3)return c;if(T=c.substr(0,1),T=="y"&&(c=T.toUpperCase()+c.substr(1)),d=E,x=f,d.test(c)?c=c.replace(d,"$1$2"):x.test(c)&&(c=c.replace(x,"$1$2")),d=p,x=w,d.test(c)){var L=d.exec(c);d=m,d.test(L[1])&&(d=S,c=c.replace(d,""))}else if(x.test(c)){var L=x.exec(c);g=L[1],x=y,x.test(g)&&(c=g,x=I,O=_,D=z,x.test(c)?c=c+"e":O.test(c)?(d=S,c=c.replace(d,"")):D.test(c)&&(c=c+"e"))}if(d=A,d.test(c)){var L=d.exec(c);g=L[1],c=g+"i"}if(d=q,d.test(c)){var L=d.exec(c);g=L[1],C=L[2],d=m,d.test(g)&&(c=g+e[C])}if(d=$,d.test(c)){var L=d.exec(c);g=L[1],C=L[2],d=m,d.test(g)&&(c=g+n[C])}if(d=V,x=W,d.test(c)){var L=d.exec(c);g=L[1],d=v,d.test(g)&&(c=g)}else if(x.test(c)){var L=x.exec(c);g=L[1]+L[2],x=v,x.test(g)&&(c=g)}if(d=P,d.test(c)){var L=d.exec(c);g=L[1],d=v,x=b,O=G,(d.test(g)||x.test(g)&&!O.test(g))&&(c=g)}return d=U,x=v,d.test(c)&&x.test(c)&&(d=S,c=c.replace(d,"")),T=="y"&&(c=T.toLowerCase()+c.substr(1)),c};return function(M){return M.update(N)}}(),t.Pipeline.registerFunction(t.stemmer,"stemmer");t.generateStopWordFilter=function(e){var n=e.reduce(function(r,i){return r[i]=i,r},{});return function(r){if(r&&n[r.toString()]!==r.toString())return r}},t.stopWordFilter=t.generateStopWordFilter(["a","able","about","across","after","all","almost","also","am","among","an","and","any","are","as","at","be","because","been","but","by","can","cannot","could","dear","did","do","does","either","else","ever","every","for","from","get","got","had","has","have","he","her","hers","him","his","how","however","i","if","in","into","is","it","its","just","least","let","like","likely","may","me","might","most","must","my","neither","no","nor","not","of","off","often","on","only","or","other","our","own","rather","said","say","says","she","should","since","so","some","than","that","the","their","them","then","there","these","they","this","tis","to","too","twas","us","wants","was","we","were","what","when","where","which","while","who","whom","why","will","with","would","yet","you","your"]),t.Pipeline.registerFunction(t.stopWordFilter,"stopWordFilter");t.trimmer=function(e){return e.update(function(n){return n.replace(/^\W+/,"").replace(/\W+$/,"")})},t.Pipeline.registerFunction(t.trimmer,"trimmer");t.TokenSet=function(){this.final=!1,this.edges={},this.id=t.TokenSet._nextId,t.TokenSet._nextId+=1},t.TokenSet._nextId=1,t.TokenSet.fromArray=function(e){for(var n=new t.TokenSet.Builder,r=0,i=e.length;r<i;r++)n.insert(e[r]);return n.finish(),n.root},t.TokenSet.fromClause=function(e){return"editDistance"in e?t.TokenSet.fromFuzzyString(e.term,e.editDistance):t.TokenSet.fromString(e.term)},t.TokenSet.fromFuzzyString=function(e,n){for(var r=new t.TokenSet,i=[{node:r,editsRemaining:n,str:e}];i.length;){var s=i.pop();if(s.str.length>0){var o=s.str.charAt(0),a;o in s.node.edges?a=s.node.edges[o]:(a=new t.TokenSet,s.node.edges[o]=a),s.str.length==1&&(a.final=!0),i.push({node:a,editsRemaining:s.editsRemaining,str:s.str.slice(1)})}if(s.editsRemaining!=0){if("*"in s.node.edges)var u=s.node.edges["*"];else{var u=new t.TokenSet;s.node.edges["*"]=u}if(s.str.length==0&&(u.final=!0),i.push({node:u,editsRemaining:s.editsRemaining-1,str:s.str}),s.str.length>1&&i.push({node:s.node,editsRemaining:s.editsRemaining-1,str:s.str.slice(1)}),s.str.length==1&&(s.node.final=!0),s.str.length>=1){if("*"in s.node.edges)var l=s.node.edges["*"];else{var l=new t.TokenSet;s.node.edges["*"]=l}s.str.length==1&&(l.final=!0),i.push({node:l,editsRemaining:s.editsRemaining-1,str:s.str.slice(1)})}if(s.str.length>1){var h=s.str.charAt(0),m=s.str.charAt(1),v;m in s.node.edges?v=s.node.edges[m]:(v=new t.TokenSet,s.node.edges[m]=v),s.str.length==1&&(v.final=!0),i.push({node:v,editsRemaining:s.editsRemaining-1,str:h+s.str.slice(2)})}}}return r},t.TokenSet.fromString=function(e){for(var n=new t.TokenSet,r=n,i=0,s=e.length;i<s;i++){var o=e[i],a=i==s-1;if(o=="*")n.edges[o]=n,n.final=a;else{var u=new t.TokenSet;u.final=a,n.edges[o]=u,n=u}}return r},t.TokenSet.prototype.toArray=function(){for(var e=[],n=[{prefix:"",node:this}];n.length;){var r=n.pop(),i=Object.keys(r.node.edges),s=i.length;r.node.final&&(r.prefix.charAt(0),e.push(r.prefix));for(var o=0;o<s;o++){var a=i[o];n.push({prefix:r.prefix.concat(a),node:r.node.edges[a]})}}return e},t.TokenSet.prototype.toString=function(){if(this._str)return this._str;for(var e=this.final?"1":"0",n=Object.keys(this.edges).sort(),r=n.length,i=0;i<r;i++){var s=n[i],o=this.edges[s];e=e+s+o.id}return e},t.TokenSet.prototype.intersect=function(e){for(var n=new t.TokenSet,r=void 0,i=[{qNode:e,output:n,node:this}];i.length;){r=i.pop();for(var s=Object.keys(r.qNode.edges),o=s.length,a=Object.keys(r.node.edges),u=a.length,l=0;l<o;l++)for(var h=s[l],m=0;m<u;m++){var v=a[m];if(v==h||h=="*"){var b=r.node.edges[v],y=r.qNode.edges[h],E=b.final&&y.final,f=void 0;v in r.output.edges?(f=r.output.edges[v],f.final=f.final||E):(f=new t.TokenSet,f.final=E,r.output.edges[v]=f),i.push({qNode:y,output:f,node:b})}}}return n},t.TokenSet.Builder=function(){this.previousWord="",this.root=new t.TokenSet,this.uncheckedNodes=[],this.minimizedNodes={}},t.TokenSet.Builder.prototype.insert=function(e){var n,r=0;if(e<this.previousWord)throw new Error("Out of order word insertion");for(var i=0;i<e.length&&i<this.previousWord.length&&e[i]==this.previousWord[i];i++)r++;this.minimize(r),this.uncheckedNodes.length==0?n=this.root:n=this.uncheckedNodes[this.uncheckedNodes.length-1].child;for(var i=r;i<e.length;i++){var s=new t.TokenSet,o=e[i];n.edges[o]=s,this.uncheckedNodes.push({parent:n,char:o,child:s}),n=s}n.final=!0,this.previousWord=e},t.TokenSet.Builder.prototype.finish=function(){this.minimize(0)},t.TokenSet.Builder.prototype.minimize=function(e){for(var n=this.uncheckedNodes.length-1;n>=e;n--){var r=this.uncheckedNodes[n],i=r.child.toString();i in this.minimizedNodes?r.parent.edges[r.char]=this.minimizedNodes[i]:(r.child._str=i,this.minimizedNodes[i]=r.child),this.uncheckedNodes.pop()}};t.Index=function(e){this.invertedIndex=e.invertedIndex,this.fieldVectors=e.fieldVectors,this.tokenSet=e.tokenSet,this.fields=e.fields,this.pipeline=e.pipeline},t.Index.prototype.search=function(e){return this.query(function(n){var r=new t.QueryParser(e,n);r.parse()})},t.Index.prototype.query=function(e){for(var n=new t.Query(this.fields),r=Object.create(null),i=Object.create(null),s=Object.create(null),o=Object.create(null),a=Object.create(null),u=0;u<this.fields.length;u++)i[this.fields[u]]=new t.Vector;e.call(n,n);for(var u=0;u<n.clauses.length;u++){var l=n.clauses[u],h=null,m=t.Set.empty;l.usePipeline?h=this.pipeline.runString(l.term,{fields:l.fields}):h=[l.term];for(var v=0;v<h.length;v++){var b=h[v];l.term=b;var y=t.TokenSet.fromClause(l),E=this.tokenSet.intersect(y).toArray();if(E.length===0&&l.presence===t.Query.presence.REQUIRED){for(var f=0;f<l.fields.length;f++){var p=l.fields[f];o[p]=t.Set.empty}break}for(var w=0;w<E.length;w++)for(var S=E[w],I=this.invertedIndex[S],_=I._index,f=0;f<l.fields.length;f++){var p=l.fields[f],z=I[p],A=Object.keys(z),q=S+"/"+p,$=new t.Set(A);if(l.presence==t.Query.presence.REQUIRED&&(m=m.union($),o[p]===void 0&&(o[p]=t.Set.complete)),l.presence==t.Query.presence.PROHIBITED){a[p]===void 0&&(a[p]=t.Set.empty),a[p]=a[p].union($);continue}if(i[p].upsert(_,l.boost,function(ke,Ie){return ke+Ie}),!s[q]){for(var V=0;V<A.length;V++){var W=A[V],P=new t.FieldRef(W,p),U=z[W],G;(G=r[P])===void 0?r[P]=new t.MatchData(S,p,U):G.add(S,p,U)}s[q]=!0}}}if(l.presence===t.Query.presence.REQUIRED)for(var f=0;f<l.fields.length;f++){var p=l.fields[f];o[p]=o[p].intersect(m)}}for(var N=t.Set.complete,M=t.Set.empty,u=0;u<this.fields.length;u++){var p=this.fields[u];o[p]&&(N=N.intersect(o[p])),a[p]&&(M=M.union(a[p]))}var c=Object.keys(r),g=[],C=Object.create(null);if(n.isNegated()){c=Object.keys(this.fieldVectors);for(var u=0;u<c.length;u++){var P=c[u],T=t.FieldRef.fromString(P);r[P]=new t.MatchData}}for(var u=0;u<c.length;u++){var T=t.FieldRef.fromString(c[u]),d=T.docRef;if(!!N.contains(d)&&!M.contains(d)){var x=this.fieldVectors[T],O=i[T.fieldName].similarity(x),D;if((D=C[d])!==void 0)D.score+=O,D.matchData.combine(r[T]);else{var L={ref:d,score:O,matchData:r[T]};C[d]=L,g.push(L)}}}return g.sort(function(we,Te){return Te.score-we.score})},t.Index.prototype.toJSON=function(){var e=Object.keys(this.invertedIndex).sort().map(function(r){return[r,this.invertedIndex[r]]},this),n=Object.keys(this.fieldVectors).map(function(r){return[r,this.fieldVectors[r].toJSON()]},this);return{version:t.version,fields:this.fields,fieldVectors:n,invertedIndex:e,pipeline:this.pipeline.toJSON()}},t.Index.load=function(e){var n={},r={},i=e.fieldVectors,s=Object.create(null),o=e.invertedIndex,a=new t.TokenSet.Builder,u=t.Pipeline.load(e.pipeline);e.version!=t.version&&t.utils.warn("Version mismatch when loading serialised index. Current version of lunr '"+t.version+"' does not match serialized index '"+e.version+"'");for(var l=0;l<i.length;l++){var h=i[l],m=h[0],v=h[1];r[m]=new t.Vector(v)}for(var l=0;l<o.length;l++){var h=o[l],b=h[0],y=h[1];a.insert(b),s[b]=y}return a.finish(),n.fields=e.fields,n.fieldVectors=r,n.invertedIndex=s,n.tokenSet=a.root,n.pipeline=u,new t.Index(n)};t.Builder=function(){this._ref="id",this._fields=Object.create(null),this._documents=Object.create(null),this.invertedIndex=Object.create(null),this.fieldTermFrequencies={},this.fieldLengths={},this.tokenizer=t.tokenizer,this.pipeline=new t.Pipeline,this.searchPipeline=new t.Pipeline,this.documentCount=0,this._b=.75,this._k1=1.2,this.termIndex=0,this.metadataWhitelist=[]},t.Builder.prototype.ref=function(e){this._ref=e},t.Builder.prototype.field=function(e,n){if(/\//.test(e))throw new RangeError("Field '"+e+"' contains illegal character '/'");this._fields[e]=n||{}},t.Builder.prototype.b=function(e){e<0?this._b=0:e>1?this._b=1:this._b=e},t.Builder.prototype.k1=function(e){this._k1=e},t.Builder.prototype.add=function(e,n){var r=e[this._ref],i=Object.keys(this._fields);this._documents[r]=n||{},this.documentCount+=1;for(var s=0;s<i.length;s++){var o=i[s],a=this._fields[o].extractor,u=a?a(e):e[o],l=this.tokenizer(u,{fields:[o]}),h=this.pipeline.run(l),m=new t.FieldRef(r,o),v=Object.create(null);this.fieldTermFrequencies[m]=v,this.fieldLengths[m]=0,this.fieldLengths[m]+=h.length;for(var b=0;b<h.length;b++){var y=h[b];if(v[y]==null&&(v[y]=0),v[y]+=1,this.invertedIndex[y]==null){var E=Object.create(null);E._index=this.termIndex,this.termIndex+=1;for(var f=0;f<i.length;f++)E[i[f]]=Object.create(null);this.invertedIndex[y]=E}this.invertedIndex[y][o][r]==null&&(this.invertedIndex[y][o][r]=Object.create(null));for(var p=0;p<this.metadataWhitelist.length;p++){var w=this.metadataWhitelist[p],S=y.metadata[w];this.invertedIndex[y][o][r][w]==null&&(this.invertedIndex[y][o][r][w]=[]),this.invertedIndex[y][o][r][w].push(S)}}}},t.Builder.prototype.calculateAverageFieldLengths=function(){for(var e=Object.keys(this.fieldLengths),n=e.length,r={},i={},s=0;s<n;s++){var o=t.FieldRef.fromString(e[s]),a=o.fieldName;i[a]||(i[a]=0),i[a]+=1,r[a]||(r[a]=0),r[a]+=this.fieldLengths[o]}for(var u=Object.keys(this._fields),s=0;s<u.length;s++){var l=u[s];r[l]=r[l]/i[l]}this.averageFieldLength=r},t.Builder.prototype.createFieldVectors=function(){for(var e={},n=Object.keys(this.fieldTermFrequencies),r=n.length,i=Object.create(null),s=0;s<r;s++){for(var o=t.FieldRef.fromString(n[s]),a=o.fieldName,u=this.fieldLengths[o],l=new t.Vector,h=this.fieldTermFrequencies[o],m=Object.keys(h),v=m.length,b=this._fields[a].boost||1,y=this._documents[o.docRef].boost||1,E=0;E<v;E++){var f=m[E],p=h[f],w=this.invertedIndex[f]._index,S,I,_;i[f]===void 0?(S=t.idf(this.invertedIndex[f],this.documentCount),i[f]=S):S=i[f],I=S*((this._k1+1)*p)/(this._k1*(1-this._b+this._b*(u/this.averageFieldLength[a]))+p),I*=b,I*=y,_=Math.round(I*1e3)/1e3,l.insert(w,_)}e[o]=l}this.fieldVectors=e},t.Builder.prototype.createTokenSet=function(){this.tokenSet=t.TokenSet.fromArray(Object.keys(this.invertedIndex).sort())},t.Builder.prototype.build=function(){return this.calculateAverageFieldLengths(),this.createFieldVectors(),this.createTokenSet(),new t.Index({invertedIndex:this.invertedIndex,fieldVectors:this.fieldVectors,tokenSet:this.tokenSet,fields:Object.keys(this._fields),pipeline:this.searchPipeline})},t.Builder.prototype.use=function(e){var n=Array.prototype.slice.call(arguments,1);n.unshift(this),e.apply(this,n)},t.MatchData=function(e,n,r){for(var i=Object.create(null),s=Object.keys(r||{}),o=0;o<s.length;o++){var a=s[o];i[a]=r[a].slice()}this.metadata=Object.create(null),e!==void 0&&(this.metadata[e]=Object.create(null),this.metadata[e][n]=i)},t.MatchData.prototype.combine=function(e){for(var n=Object.keys(e.metadata),r=0;r<n.length;r++){var i=n[r],s=Object.keys(e.metadata[i]);this.metadata[i]==null&&(this.metadata[i]=Object.create(null));for(var o=0;o<s.length;o++){var a=s[o],u=Object.keys(e.metadata[i][a]);this.metadata[i][a]==null&&(this.metadata[i][a]=Object.create(null));for(var l=0;l<u.length;l++){var h=u[l];this.metadata[i][a][h]==null?this.metadata[i][a][h]=e.metadata[i][a][h]:this.metadata[i][a][h]=this.metadata[i][a][h].concat(e.metadata[i][a][h])}}}},t.MatchData.prototype.add=function(e,n,r){if(!(e in this.metadata)){this.metadata[e]=Object.create(null),this.metadata[e][n]=r;return}if(!(n in this.metadata[e])){this.metadata[e][n]=r;return}for(var i=Object.keys(r),s=0;s<i.length;s++){var o=i[s];o in this.metadata[e][n]?this.metadata[e][n][o]=this.metadata[e][n][o].concat(r[o]):this.metadata[e][n][o]=r[o]}},t.Query=function(e){this.clauses=[],this.allFields=e},t.Query.wildcard=new String("*"),t.Query.wildcard.NONE=0,t.Query.wildcard.LEADING=1,t.Query.wildcard.TRAILING=2,t.Query.presence={OPTIONAL:1,REQUIRED:2,PROHIBITED:3},t.Query.prototype.clause=function(e){return"fields"in e||(e.fields=this.allFields),"boost"in e||(e.boost=1),"usePipeline"in e||(e.usePipeline=!0),"wildcard"in e||(e.wildcard=t.Query.wildcard.NONE),e.wildcard&t.Query.wildcard.LEADING&&e.term.charAt(0)!=t.Query.wildcard&&(e.term="*"+e.term),e.wildcard&t.Query.wildcard.TRAILING&&e.term.slice(-1)!=t.Query.wildcard&&(e.term=""+e.term+"*"),"presence"in e||(e.presence=t.Query.presence.OPTIONAL),this.clauses.push(e),this},t.Query.prototype.isNegated=function(){for(var e=0;e<this.clauses.length;e++)if(this.clauses[e].presence!=t.Query.presence.PROHIBITED)return!1;return!0},t.Query.prototype.term=function(e,n){if(Array.isArray(e))return e.forEach(function(i){this.term(i,t.utils.clone(n))},this),this;var r=n||{};return r.term=e.toString(),this.clause(r),this},t.QueryParseError=function(e,n,r){this.name="QueryParseError",this.message=e,this.start=n,this.end=r},t.QueryParseError.prototype=new Error,t.QueryLexer=function(e){this.lexemes=[],this.str=e,this.length=e.length,this.pos=0,this.start=0,this.escapeCharPositions=[]},t.QueryLexer.prototype.run=function(){for(var e=t.QueryLexer.lexText;e;)e=e(this)},t.QueryLexer.prototype.sliceString=function(){for(var e=[],n=this.start,r=this.pos,i=0;i<this.escapeCharPositions.length;i++)r=this.escapeCharPositions[i],e.push(this.str.slice(n,r)),n=r+1;return e.push(this.str.slice(n,this.pos)),this.escapeCharPositions.length=0,e.join("")},t.QueryLexer.prototype.emit=function(e){this.lexemes.push({type:e,str:this.sliceString(),start:this.start,end:this.pos}),this.start=this.pos},t.QueryLexer.prototype.escapeCharacter=function(){this.escapeCharPositions.push(this.pos-1),this.pos+=1},t.QueryLexer.prototype.next=function(){if(this.pos>=this.length)return t.QueryLexer.EOS;var e=this.str.charAt(this.pos);return this.pos+=1,e},t.QueryLexer.prototype.width=function(){return this.pos-this.start},t.QueryLexer.prototype.ignore=function(){this.start==this.pos&&(this.pos+=1),this.start=this.pos},t.QueryLexer.prototype.backup=function(){this.pos-=1},t.QueryLexer.prototype.acceptDigitRun=function(){var e,n;do e=this.next(),n=e.charCodeAt(0);while(n>47&&n<58);e!=t.QueryLexer.EOS&&this.backup()},t.QueryLexer.prototype.more=function(){return this.pos<this.length},t.QueryLexer.EOS="EOS",t.QueryLexer.FIELD="FIELD",t.QueryLexer.TERM="TERM",t.QueryLexer.EDIT_DISTANCE="EDIT_DISTANCE",t.QueryLexer.BOOST="BOOST",t.QueryLexer.PRESENCE="PRESENCE",t.QueryLexer.lexField=function(e){return e.backup(),e.emit(t.QueryLexer.FIELD),e.ignore(),t.QueryLexer.lexText},t.QueryLexer.lexTerm=function(e){if(e.width()>1&&(e.backup(),e.emit(t.QueryLexer.TERM)),e.ignore(),e.more())return t.QueryLexer.lexText},t.QueryLexer.lexEditDistance=function(e){return e.ignore(),e.acceptDigitRun(),e.emit(t.QueryLexer.EDIT_DISTANCE),t.QueryLexer.lexText},t.QueryLexer.lexBoost=function(e){return e.ignore(),e.acceptDigitRun(),e.emit(t.QueryLexer.BOOST),t.QueryLexer.lexText},t.QueryLexer.lexEOS=function(e){e.width()>0&&e.emit(t.QueryLexer.TERM)},t.QueryLexer.termSeparator=t.tokenizer.separator,t.QueryLexer.lexText=function(e){for(;;){var n=e.next();if(n==t.QueryLexer.EOS)return t.QueryLexer.lexEOS;if(n.charCodeAt(0)==92){e.escapeCharacter();continue}if(n==":")return t.QueryLexer.lexField;if(n=="~")return e.backup(),e.width()>0&&e.emit(t.QueryLexer.TERM),t.QueryLexer.lexEditDistance;if(n=="^")return e.backup(),e.width()>0&&e.emit(t.QueryLexer.TERM),t.QueryLexer.lexBoost;if(n=="+"&&e.width()===1||n=="-"&&e.width()===1)return e.emit(t.QueryLexer.PRESENCE),t.QueryLexer.lexText;if(n.match(t.QueryLexer.termSeparator))return t.QueryLexer.lexTerm}},t.QueryParser=function(e,n){this.lexer=new t.QueryLexer(e),this.query=n,this.currentClause={},this.lexemeIdx=0},t.QueryParser.prototype.parse=function(){this.lexer.run(),this.lexemes=this.lexer.lexemes;for(var e=t.QueryParser.parseClause;e;)e=e(this);return this.query},t.QueryParser.prototype.peekLexeme=function(){return this.lexemes[this.lexemeIdx]},t.QueryParser.prototype.consumeLexeme=function(){var e=this.peekLexeme();return this.lexemeIdx+=1,e},t.QueryParser.prototype.nextClause=function(){var e=this.currentClause;this.query.clause(e),this.currentClause={}},t.QueryParser.parseClause=function(e){var n=e.peekLexeme();if(n!=null)switch(n.type){case t.QueryLexer.PRESENCE:return t.QueryParser.parsePresence;case t.QueryLexer.FIELD:return t.QueryParser.parseField;case t.QueryLexer.TERM:return t.QueryParser.parseTerm;default:var r="expected either a field or a term, found "+n.type;throw n.str.length>=1&&(r+=" with value '"+n.str+"'"),new t.QueryParseError(r,n.start,n.end)}},t.QueryParser.parsePresence=function(e){var n=e.consumeLexeme();if(n!=null){switch(n.str){case"-":e.currentClause.presence=t.Query.presence.PROHIBITED;break;case"+":e.currentClause.presence=t.Query.presence.REQUIRED;break;default:var r="unrecognised presence operator'"+n.str+"'";throw new t.QueryParseError(r,n.start,n.end)}var i=e.peekLexeme();if(i==null){var r="expecting term or field, found nothing";throw new t.QueryParseError(r,n.start,n.end)}switch(i.type){case t.QueryLexer.FIELD:return t.QueryParser.parseField;case t.QueryLexer.TERM:return t.QueryParser.parseTerm;default:var r="expecting term or field, found '"+i.type+"'";throw new t.QueryParseError(r,i.start,i.end)}}},t.QueryParser.parseField=function(e){var n=e.consumeLexeme();if(n!=null){if(e.query.allFields.indexOf(n.str)==-1){var r=e.query.allFields.map(function(o){return"'"+o+"'"}).join(", "),i="unrecognised field '"+n.str+"', possible fields: "+r;throw new t.QueryParseError(i,n.start,n.end)}e.currentClause.fields=[n.str];var s=e.peekLexeme();if(s==null){var i="expecting term, found nothing";throw new t.QueryParseError(i,n.start,n.end)}switch(s.type){case t.QueryLexer.TERM:return t.QueryParser.parseTerm;default:var i="expecting term, found '"+s.type+"'";throw new t.QueryParseError(i,s.start,s.end)}}},t.QueryParser.parseTerm=function(e){var n=e.consumeLexeme();if(n!=null){e.currentClause.term=n.str.toLowerCase(),n.str.indexOf("*")!=-1&&(e.currentClause.usePipeline=!1);var r=e.peekLexeme();if(r==null){e.nextClause();return}switch(r.type){case t.QueryLexer.TERM:return e.nextClause(),t.QueryParser.parseTerm;case t.QueryLexer.FIELD:return e.nextClause(),t.QueryParser.parseField;case t.QueryLexer.EDIT_DISTANCE:return t.QueryParser.parseEditDistance;case t.QueryLexer.BOOST:return t.QueryParser.parseBoost;case t.QueryLexer.PRESENCE:return e.nextClause(),t.QueryParser.parsePresence;default:var i="Unexpected lexeme type '"+r.type+"'";throw new t.QueryParseError(i,r.start,r.end)}}},t.QueryParser.parseEditDistance=function(e){var n=e.consumeLexeme();if(n!=null){var r=parseInt(n.str,10);if(isNaN(r)){var i="edit distance must be numeric";throw new t.QueryParseError(i,n.start,n.end)}e.currentClause.editDistance=r;var s=e.peekLexeme();if(s==null){e.nextClause();return}switch(s.type){case t.QueryLexer.TERM:return e.nextClause(),t.QueryParser.parseTerm;case t.QueryLexer.FIELD:return e.nextClause(),t.QueryParser.parseField;case t.QueryLexer.EDIT_DISTANCE:return t.QueryParser.parseEditDistance;case t.QueryLexer.BOOST:return t.QueryParser.parseBoost;case t.QueryLexer.PRESENCE:return e.nextClause(),t.QueryParser.parsePresence;default:var i="Unexpected lexeme type '"+s.type+"'";throw new t.QueryParseError(i,s.start,s.end)}}},t.QueryParser.parseBoost=function(e){var n=e.consumeLexeme();if(n!=null){var r=parseInt(n.str,10);if(isNaN(r)){var i="boost must be numeric";throw new t.QueryParseError(i,n.start,n.end)}e.currentClause.boost=r;var s=e.peekLexeme();if(s==null){e.nextClause();return}switch(s.type){case t.QueryLexer.TERM:return e.nextClause(),t.QueryParser.parseTerm;case t.QueryLexer.FIELD:return e.nextClause(),t.QueryParser.parseField;case t.QueryLexer.EDIT_DISTANCE:return t.QueryParser.parseEditDistance;case t.QueryLexer.BOOST:return t.QueryParser.parseBoost;case t.QueryLexer.PRESENCE:return e.nextClause(),t.QueryParser.parsePresence;default:var i="Unexpected lexeme type '"+s.type+"'";throw new t.QueryParseError(i,s.start,s.end)}}},function(e,n){typeof define=="function"&&define.amd?define(n):typeof ce=="object"?he.exports=n():e.lunr=n()}(this,function(){return t})})()});var le=[];function j(t,e){le.push({selector:e,constructor:t})}var Y=class{constructor(){this.createComponents(document.body)}createComponents(e){le.forEach(n=>{e.querySelectorAll(n.selector).forEach(r=>{r.dataset.hasInstance||(new n.constructor({el:r}),r.dataset.hasInstance=String(!0))})})}};var k=class{constructor(e){this.el=e.el}};var J=class{constructor(){this.listeners={}}addEventListener(e,n){e in this.listeners||(this.listeners[e]=[]),this.listeners[e].push(n)}removeEventListener(e,n){if(!(e in this.listeners))return;let r=this.listeners[e];for(let i=0,s=r.length;i<s;i++)if(r[i]===n){r.splice(i,1);return}}dispatchEvent(e){if(!(e.type in this.listeners))return!0;let n=this.listeners[e.type].slice();for(let r=0,i=n.length;r<i;r++)n[r].call(this,e);return!e.defaultPrevented}};var ne=(t,e=100)=>{let n=Date.now();return(...r)=>{n+e-Date.now()<0&&(t(...r),n=Date.now())}};var re=class extends J{constructor(){super();this.scrollTop=0;this.lastY=0;this.width=0;this.height=0;this.showToolbar=!0;this.toolbar=document.querySelector(".tsd-page-toolbar"),this.navigation=document.querySelector(".col-menu"),window.addEventListener("scroll",ne(()=>this.onScroll(),10)),window.addEventListener("resize",ne(()=>this.onResize(),10)),this.searchInput=document.querySelector("#tsd-search input"),this.searchInput&&this.searchInput.addEventListener("focus",()=>{this.hideShowToolbar()}),this.onResize(),this.onScroll()}triggerResize(){let n=new CustomEvent("resize",{detail:{width:this.width,height:this.height}});this.dispatchEvent(n)}onResize(){this.width=window.innerWidth||0,this.height=window.innerHeight||0;let n=new CustomEvent("resize",{detail:{width:this.width,height:this.height}});this.dispatchEvent(n)}onScroll(){this.scrollTop=window.scrollY||0;let n=new CustomEvent("scroll",{detail:{scrollTop:this.scrollTop}});this.dispatchEvent(n),this.hideShowToolbar()}hideShowToolbar(){let n=this.showToolbar;this.showToolbar=this.lastY>=this.scrollTop||this.scrollTop<=0||!!this.searchInput&&this.searchInput===document.activeElement,n!==this.showToolbar&&(this.toolbar.classList.toggle("tsd-page-toolbar--hide"),this.navigation?.classList.toggle("col-menu--hide")),this.lastY=this.scrollTop}},R=re;R.instance=new re;var X=class extends k{constructor(n){super(n);this.anchors=[];this.index=-1;R.instance.addEventListener("resize",()=>this.onResize()),R.instance.addEventListener("scroll",r=>this.onScroll(r)),this.createAnchors()}createAnchors(){let n=window.location.href;n.indexOf("#")!=-1&&(n=n.substring(0,n.indexOf("#"))),this.el.querySelectorAll("a").forEach(r=>{let i=r.href;if(i.indexOf("#")==-1||i.substring(0,n.length)!=n)return;let s=i.substring(i.indexOf("#")+1),o=document.querySelector("a.tsd-anchor[name="+s+"]"),a=r.parentNode;!o||!a||this.anchors.push({link:a,anchor:o,position:0})}),this.onResize()}onResize(){let n;for(let i=0,s=this.anchors.length;i<s;i++){n=this.anchors[i];let o=n.anchor.getBoundingClientRect();n.position=o.top+document.body.scrollTop}this.anchors.sort((i,s)=>i.position-s.position);let r=new CustomEvent("scroll",{detail:{scrollTop:R.instance.scrollTop}});this.onScroll(r)}onScroll(n){let r=n.detail.scrollTop+5,i=this.anchors,s=i.length-1,o=this.index;for(;o>-1&&i[o].position>r;)o-=1;for(;o<s&&i[o+1].position<r;)o+=1;this.index!=o&&(this.index>-1&&this.anchors[this.index].link.classList.remove("focus"),this.index=o,this.index>-1&&this.anchors[this.index].link.classList.add("focus"))}};var ue=(t,e=100)=>{let n;return(...r)=>{clearTimeout(n),n=setTimeout(()=>t(r),e)}};var me=De(de());function ve(){let t=document.getElementById("tsd-search");if(!t)return;let e=document.getElementById("search-script");t.classList.add("loading"),e&&(e.addEventListener("error",()=>{t.classList.remove("loading"),t.classList.add("failure")}),e.addEventListener("load",()=>{t.classList.remove("loading"),t.classList.add("ready")}),window.searchData&&t.classList.remove("loading"));let n=document.querySelector("#tsd-search input"),r=document.querySelector("#tsd-search .results");if(!n||!r)throw new Error("The input field or the result list wrapper was not found");let i=!1;r.addEventListener("mousedown",()=>i=!0),r.addEventListener("mouseup",()=>{i=!1,t.classList.remove("has-focus")}),n.addEventListener("focus",()=>t.classList.add("has-focus")),n.addEventListener("blur",()=>{i||(i=!1,t.classList.remove("has-focus"))});let s={base:t.dataset.base+"/"};Fe(t,r,n,s)}function Fe(t,e,n,r){n.addEventListener("input",ue(()=>{Ae(t,e,n,r)},200));let i=!1;n.addEventListener("keydown",s=>{i=!0,s.key=="Enter"?Ve(e,n):s.key=="Escape"?n.blur():s.key=="ArrowUp"?fe(e,-1):s.key==="ArrowDown"?fe(e,1):i=!1}),n.addEventListener("keypress",s=>{i&&s.preventDefault()}),document.body.addEventListener("keydown",s=>{s.altKey||s.ctrlKey||s.metaKey||!n.matches(":focus")&&s.key==="/"&&(n.focus(),s.preventDefault())})}function He(t,e){t.index||window.searchData&&(e.classList.remove("loading"),e.classList.add("ready"),t.data=window.searchData,t.index=me.Index.load(window.searchData.index))}function Ae(t,e,n,r){if(He(r,t),!r.index||!r.data)return;e.textContent="";let i=n.value.trim(),s=i?r.index.search(`*${i}*`):[];for(let o=0;o<s.length;o++){let a=s[o],u=r.data.rows[Number(a.ref)],l=1;u.name.toLowerCase().startsWith(i.toLowerCase())&&(l*=1+1/(1+Math.abs(u.name.length-i.length))),a.score*=l}s.sort((o,a)=>a.score-o.score);for(let o=0,a=Math.min(10,s.length);o<a;o++){let u=r.data.rows[Number(s[o].ref)],l=pe(u.name,i);globalThis.DEBUG_SEARCH_WEIGHTS&&(l+=` (score: ${s[o].score.toFixed(2)})`),u.parent&&(l=`<span class="parent">${pe(u.parent,i)}.</span>${l}`);let h=document.createElement("li");h.classList.value=u.classes??"";let m=document.createElement("a");m.href=r.base+u.url,m.innerHTML=l,h.append(m),e.appendChild(h)}}function fe(t,e){let n=t.querySelector(".current");if(!n)n=t.querySelector(e==1?"li:first-child":"li:last-child"),n&&n.classList.add("current");else{let r=n;if(e===1)do r=r.nextElementSibling??void 0;while(r instanceof HTMLElement&&r.offsetParent==null);else do r=r.previousElementSibling??void 0;while(r instanceof HTMLElement&&r.offsetParent==null);r&&(n.classList.remove("current"),r.classList.add("current"))}}function Ve(t,e){let n=t.querySelector(".current");if(n||(n=t.querySelector("li:first-child")),n){let r=n.querySelector("a");r&&(window.location.href=r.href),e.blur()}}function pe(t,e){if(e==="")return t;let n=t.toLocaleLowerCase(),r=e.toLocaleLowerCase(),i=[],s=0,o=n.indexOf(r);for(;o!=-1;)i.push(ie(t.substring(s,o)),`<b>${ie(t.substring(o,o+r.length))}</b>`),s=o+r.length,o=n.indexOf(r,s);return i.push(ie(t.substring(s))),i.join("")}var Ne={"&":"&amp;","<":"&lt;",">":"&gt;","'":"&#039;",'"':"&quot;"};function ie(t){return t.replace(/[&<>"'"]/g,e=>Ne[e])}var F="mousedown",ye="mousemove",B="mouseup",Z={x:0,y:0},ge=!1,se=!1,je=!1,H=!1,xe=/Android|webOS|iPhone|iPad|iPod|BlackBerry|IEMobile|Opera Mini/i.test(navigator.userAgent);document.documentElement.classList.add(xe?"is-mobile":"not-mobile");xe&&"ontouchstart"in document.documentElement&&(je=!0,F="touchstart",ye="touchmove",B="touchend");document.addEventListener(F,t=>{se=!0,H=!1;let e=F=="touchstart"?t.targetTouches[0]:t;Z.y=e.pageY||0,Z.x=e.pageX||0});document.addEventListener(ye,t=>{if(!!se&&!H){let e=F=="touchstart"?t.targetTouches[0]:t,n=Z.x-(e.pageX||0),r=Z.y-(e.pageY||0);H=Math.sqrt(n*n+r*r)>10}});document.addEventListener(B,()=>{se=!1});document.addEventListener("click",t=>{ge&&(t.preventDefault(),t.stopImmediatePropagation(),ge=!1)});var K=class extends k{constructor(n){super(n);this.className=this.el.dataset.toggle||"",this.el.addEventListener(B,r=>this.onPointerUp(r)),this.el.addEventListener("click",r=>r.preventDefault()),document.addEventListener(F,r=>this.onDocumentPointerDown(r)),document.addEventListener(B,r=>this.onDocumentPointerUp(r))}setActive(n){if(this.active==n)return;this.active=n,document.documentElement.classList.toggle("has-"+this.className,n),this.el.classList.toggle("active",n);let r=(this.active?"to-has-":"from-has-")+this.className;document.documentElement.classList.add(r),setTimeout(()=>document.documentElement.classList.remove(r),500)}onPointerUp(n){H||(this.setActive(!0),n.preventDefault())}onDocumentPointerDown(n){if(this.active){if(n.target.closest(".col-menu, .tsd-filter-group"))return;this.setActive(!1)}}onDocumentPointerUp(n){if(!H&&this.active&&n.target.closest(".col-menu")){let r=n.target.closest("a");if(r){let i=window.location.href;i.indexOf("#")!=-1&&(i=i.substring(0,i.indexOf("#"))),r.href.substring(0,i.length)==i&&setTimeout(()=>this.setActive(!1),250)}}}};var oe;try{oe=localStorage}catch{oe={getItem(){return null},setItem(){}}}var Q=oe;var Le=document.head.appendChild(document.createElement("style"));Le.dataset.for="filters";var ee=class extends k{constructor(n){super(n);this.key=`filter-${this.el.name}`,this.value=this.el.checked,this.el.addEventListener("change",()=>{this.setLocalStorage(this.el.checked)}),this.setLocalStorage(this.fromLocalStorage()),Le.innerHTML+=`html:not(.${this.key}) .tsd-is-${this.el.name} { display: none; }
+`}fromLocalStorage(){let n=Q.getItem(this.key);return n?n==="true":this.el.checked}setLocalStorage(n){Q.setItem(this.key,n.toString()),this.value=n,this.handleValueChange()}handleValueChange(){this.el.checked=this.value,document.documentElement.classList.toggle(this.key,this.value),document.querySelectorAll(".tsd-index-section").forEach(n=>{n.style.display="block";let r=Array.from(n.querySelectorAll(".tsd-index-link")).every(i=>i.offsetParent==null);n.style.display=r?"none":"block"})}};var te=class extends k{constructor(n){super(n);this.calculateHeights(),this.summary=this.el.querySelector(".tsd-accordion-summary"),this.icon=this.summary.querySelector("svg"),this.key=`tsd-accordion-${this.summary.textContent.replace(/\s+/g,"-").toLowerCase()}`,this.setLocalStorage(this.fromLocalStorage(),!0),this.summary.addEventListener("click",r=>this.toggleVisibility(r)),this.icon.style.transform=this.getIconRotation()}getIconRotation(n=this.el.open){return`rotate(${n?0:-90}deg)`}calculateHeights(){let n=this.el.open,{position:r,left:i}=this.el.style;this.el.style.position="fixed",this.el.style.left="-9999px",this.el.open=!0,this.expandedHeight=this.el.offsetHeight+"px",this.el.open=!1,this.collapsedHeight=this.el.offsetHeight+"px",this.el.open=n,this.el.style.height=n?this.expandedHeight:this.collapsedHeight,this.el.style.position=r,this.el.style.left=i}toggleVisibility(n){n.preventDefault(),this.el.style.overflow="hidden",this.el.open?this.collapse():this.expand()}expand(n=!0){this.el.open=!0,this.animate(this.collapsedHeight,this.expandedHeight,{opening:!0,duration:n?300:0})}collapse(n=!0){this.animate(this.expandedHeight,this.collapsedHeight,{opening:!1,duration:n?300:0})}animate(n,r,{opening:i,duration:s=300}){if(this.animation)return;let o={duration:s,easing:"ease"};this.animation=this.el.animate({height:[n,r]},o),this.icon.animate({transform:[this.icon.style.transform||this.getIconRotation(!i),this.getIconRotation(i)]},o).addEventListener("finish",()=>{this.icon.style.transform=this.getIconRotation(i)}),this.animation.addEventListener("finish",()=>this.animationEnd(i))}animationEnd(n){this.el.open=n,this.animation=void 0,this.el.style.height="auto",this.el.style.overflow="visible",this.setLocalStorage(n)}fromLocalStorage(){let n=Q.getItem(this.key);return n?n==="true":this.el.open}setLocalStorage(n,r=!1){this.fromLocalStorage()===n&&!r||(Q.setItem(this.key,n.toString()),this.el.open=n,this.handleValueChange(r))}handleValueChange(n=!1){this.fromLocalStorage()===this.el.open&&!n||(this.fromLocalStorage()?this.expand(!1):this.collapse(!1))}};function be(t){let e=Q.getItem("tsd-theme")||"os";t.value=e,Ee(e),t.addEventListener("change",()=>{Q.setItem("tsd-theme",t.value),Ee(t.value)})}function Ee(t){document.documentElement.dataset.theme=t}ve();j(X,".menu-highlight");j(K,"a[data-toggle]");j(te,".tsd-index-accordion");j(ee,".tsd-filter-item input[type=checkbox]");var Se=document.getElementById("theme");Se&&be(Se);var Be=new Y;Object.defineProperty(window,"app",{value:Be});})();
+/*!
+ * lunr.Builder
+ * Copyright (C) 2020 Oliver Nightingale
+ */
+/*!
+ * lunr.Index
+ * Copyright (C) 2020 Oliver Nightingale
+ */
+/*!
+ * lunr.Pipeline
+ * Copyright (C) 2020 Oliver Nightingale
+ */
+/*!
+ * lunr.Set
+ * Copyright (C) 2020 Oliver Nightingale
+ */
+/*!
+ * lunr.TokenSet
+ * Copyright (C) 2020 Oliver Nightingale
+ */
+/*!
+ * lunr.Vector
+ * Copyright (C) 2020 Oliver Nightingale
+ */
+/*!
+ * lunr.stemmer
+ * Copyright (C) 2020 Oliver Nightingale
+ * Includes code from - http://tartarus.org/~martin/PorterStemmer/js.txt
+ */
+/*!
+ * lunr.stopWordFilter
+ * Copyright (C) 2020 Oliver Nightingale
+ */
+/*!
+ * lunr.tokenizer
+ * Copyright (C) 2020 Oliver Nightingale
+ */
+/*!
+ * lunr.trimmer
+ * Copyright (C) 2020 Oliver Nightingale
+ */
+/*!
+ * lunr.utils
+ * Copyright (C) 2020 Oliver Nightingale
+ */
+/**
+ * lunr - http://lunrjs.com - A bit like Solr, but much smaller and not as bright - 2.3.9
+ * Copyright (C) 2020 Oliver Nightingale
+ * @license MIT
+ */
diff --git a/docs/content-security-policy/assets/search.js b/docs/content-security-policy/assets/search.js
new file mode 100644
index 00000000..71fdcf50
--- /dev/null
+++ b/docs/content-security-policy/assets/search.js
@@ -0,0 +1 @@
+window.searchData = JSON.parse("{\"kinds\":{\"32\":\"Variable\",\"64\":\"Function\",\"256\":\"Interface\",\"1024\":\"Property\",\"65536\":\"Type literal\"},\"rows\":[{\"kind\":32,\"name\":\"starter_policy\",\"url\":\"variables/starter_policy.html\",\"classes\":\"tsd-kind-variable\"},{\"kind\":65536,\"name\":\"__type\",\"url\":\"variables/starter_policy.html#__type\",\"classes\":\"tsd-kind-type-literal tsd-parent-kind-variable\",\"parent\":\"starter_policy\"},{\"kind\":1024,\"name\":\"base-uri\",\"url\":\"variables/starter_policy.html#__type.base_uri\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"connect-src\",\"url\":\"variables/starter_policy.html#__type.connect_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"default-src\",\"url\":\"variables/starter_policy.html#__type.default_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"form-action\",\"url\":\"variables/starter_policy.html#__type.form_action\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"img-src\",\"url\":\"variables/starter_policy.html#__type.img_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"script-src\",\"url\":\"variables/starter_policy.html#__type.script_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"style-src\",\"url\":\"variables/starter_policy.html#__type.style_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":32,\"name\":\"recommended_policy\",\"url\":\"variables/recommended_policy.html\",\"classes\":\"tsd-kind-variable\"},{\"kind\":65536,\"name\":\"__type\",\"url\":\"variables/recommended_policy.html#__type\",\"classes\":\"tsd-kind-type-literal tsd-parent-kind-variable\",\"parent\":\"recommended_policy\"},{\"kind\":1024,\"name\":\"font-src\",\"url\":\"variables/recommended_policy.html#__type.font_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"frame-ancestors\",\"url\":\"variables/recommended_policy.html#__type.frame_ancestors\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"manifest-src\",\"url\":\"variables/recommended_policy.html#__type.manifest_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"object-src\",\"url\":\"variables/recommended_policy.html#__type.object_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"prefetch-src\",\"url\":\"variables/recommended_policy.html#__type.prefetch_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"upgrade-insecure-requests\",\"url\":\"variables/recommended_policy.html#__type.upgrade_insecure_requests\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"base-uri\",\"url\":\"variables/recommended_policy.html#__type.base_uri\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"connect-src\",\"url\":\"variables/recommended_policy.html#__type.connect_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"default-src\",\"url\":\"variables/recommended_policy.html#__type.default_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"form-action\",\"url\":\"variables/recommended_policy.html#__type.form_action\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"img-src\",\"url\":\"variables/recommended_policy.html#__type.img_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"script-src\",\"url\":\"variables/recommended_policy.html#__type.script_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"style-src\",\"url\":\"variables/recommended_policy.html#__type.style_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":64,\"name\":\"cspDirectives\",\"url\":\"functions/cspDirectives.html\",\"classes\":\"tsd-kind-function\"},{\"kind\":64,\"name\":\"cspHeader\",\"url\":\"functions/cspHeader.html\",\"classes\":\"tsd-kind-function\"},{\"kind\":64,\"name\":\"cspJSON\",\"url\":\"functions/cspJSON.html\",\"classes\":\"tsd-kind-function\"},{\"kind\":256,\"name\":\"Config\",\"url\":\"interfaces/Config.html\",\"classes\":\"tsd-kind-interface\"},{\"kind\":1024,\"name\":\"directives\",\"url\":\"interfaces/Config.html#directives\",\"classes\":\"tsd-kind-property tsd-parent-kind-interface\",\"parent\":\"Config\"},{\"kind\":1024,\"name\":\"patterns\",\"url\":\"interfaces/Config.html#patterns\",\"classes\":\"tsd-kind-property tsd-parent-kind-interface\",\"parent\":\"Config\"},{\"kind\":256,\"name\":\"Directives\",\"url\":\"interfaces/Directives.html\",\"classes\":\"tsd-kind-interface\"}],\"index\":{\"version\":\"2.3.9\",\"fields\":[\"name\",\"comment\"],\"fieldVectors\":[[\"name/0\",[0,36.659]],[\"comment/0\",[]],[\"name/1\",[1,30.54]],[\"comment/1\",[]],[\"name/2\",[2,23.635,3,23.635]],[\"comment/2\",[]],[\"name/3\",[4,23.635,5,7.339]],[\"comment/3\",[]],[\"name/4\",[5,7.339,6,23.635]],[\"comment/4\",[]],[\"name/5\",[7,23.635,8,23.635]],[\"comment/5\",[]],[\"name/6\",[5,7.339,9,23.635]],[\"comment/6\",[]],[\"name/7\",[5,7.339,10,23.635]],[\"comment/7\",[]],[\"name/8\",[5,7.339,11,23.635]],[\"comment/8\",[]],[\"name/9\",[12,36.659]],[\"comment/9\",[]],[\"name/10\",[1,30.54]],[\"comment/10\",[]],[\"name/11\",[5,7.339,13,28.371]],[\"comment/11\",[]],[\"name/12\",[14,28.371,15,28.371]],[\"comment/12\",[]],[\"name/13\",[5,7.339,16,28.371]],[\"comment/13\",[]],[\"name/14\",[5,7.339,17,28.371]],[\"comment/14\",[]],[\"name/15\",[5,7.339,18,28.371]],[\"comment/15\",[]],[\"name/16\",[19,23.139,20,23.139,21,23.139]],[\"comment/16\",[]],[\"name/17\",[2,23.635,3,23.635]],[\"comment/17\",[]],[\"name/18\",[4,23.635,5,7.339]],[\"comment/18\",[]],[\"name/19\",[5,7.339,6,23.635]],[\"comment/19\",[]],[\"name/20\",[7,23.635,8,23.635]],[\"comment/20\",[]],[\"name/21\",[5,7.339,9,23.635]],[\"comment/21\",[]],[\"name/22\",[5,7.339,10,23.635]],[\"comment/22\",[]],[\"name/23\",[5,7.339,11,23.635]],[\"comment/23\",[]],[\"name/24\",[22,36.659]],[\"comment/24\",[]],[\"name/25\",[23,36.659]],[\"comment/25\",[]],[\"name/26\",[24,36.659]],[\"comment/26\",[]],[\"name/27\",[25,36.659]],[\"comment/27\",[]],[\"name/28\",[26,30.54]],[\"comment/28\",[]],[\"name/29\",[27,36.659]],[\"comment/29\",[]],[\"name/30\",[26,30.54]],[\"comment/30\",[]]],\"invertedIndex\":[[\"__type\",{\"_index\":1,\"name\":{\"1\":{},\"10\":{}},\"comment\":{}}],[\"action\",{\"_index\":8,\"name\":{\"5\":{},\"20\":{}},\"comment\":{}}],[\"ancestors\",{\"_index\":15,\"name\":{\"12\":{}},\"comment\":{}}],[\"base\",{\"_index\":2,\"name\":{\"2\":{},\"17\":{}},\"comment\":{}}],[\"config\",{\"_index\":25,\"name\":{\"27\":{}},\"comment\":{}}],[\"connect\",{\"_index\":4,\"name\":{\"3\":{},\"18\":{}},\"comment\":{}}],[\"cspdirectives\",{\"_index\":22,\"name\":{\"24\":{}},\"comment\":{}}],[\"cspheader\",{\"_index\":23,\"name\":{\"25\":{}},\"comment\":{}}],[\"cspjson\",{\"_index\":24,\"name\":{\"26\":{}},\"comment\":{}}],[\"default\",{\"_index\":6,\"name\":{\"4\":{},\"19\":{}},\"comment\":{}}],[\"directives\",{\"_index\":26,\"name\":{\"28\":{},\"30\":{}},\"comment\":{}}],[\"font\",{\"_index\":13,\"name\":{\"11\":{}},\"comment\":{}}],[\"form\",{\"_index\":7,\"name\":{\"5\":{},\"20\":{}},\"comment\":{}}],[\"frame\",{\"_index\":14,\"name\":{\"12\":{}},\"comment\":{}}],[\"img\",{\"_index\":9,\"name\":{\"6\":{},\"21\":{}},\"comment\":{}}],[\"insecure\",{\"_index\":20,\"name\":{\"16\":{}},\"comment\":{}}],[\"manifest\",{\"_index\":16,\"name\":{\"13\":{}},\"comment\":{}}],[\"object\",{\"_index\":17,\"name\":{\"14\":{}},\"comment\":{}}],[\"patterns\",{\"_index\":27,\"name\":{\"29\":{}},\"comment\":{}}],[\"prefetch\",{\"_index\":18,\"name\":{\"15\":{}},\"comment\":{}}],[\"recommended_policy\",{\"_index\":12,\"name\":{\"9\":{}},\"comment\":{}}],[\"requests\",{\"_index\":21,\"name\":{\"16\":{}},\"comment\":{}}],[\"script\",{\"_index\":10,\"name\":{\"7\":{},\"22\":{}},\"comment\":{}}],[\"src\",{\"_index\":5,\"name\":{\"3\":{},\"4\":{},\"6\":{},\"7\":{},\"8\":{},\"11\":{},\"13\":{},\"14\":{},\"15\":{},\"18\":{},\"19\":{},\"21\":{},\"22\":{},\"23\":{}},\"comment\":{}}],[\"starter_policy\",{\"_index\":0,\"name\":{\"0\":{}},\"comment\":{}}],[\"style\",{\"_index\":11,\"name\":{\"8\":{},\"23\":{}},\"comment\":{}}],[\"upgrade\",{\"_index\":19,\"name\":{\"16\":{}},\"comment\":{}}],[\"uri\",{\"_index\":3,\"name\":{\"2\":{},\"17\":{}},\"comment\":{}}]],\"pipeline\":[]}}");
\ No newline at end of file
diff --git a/docs/content-security-policy/assets/style.css b/docs/content-security-policy/assets/style.css
new file mode 100644
index 00000000..958d2c26
--- /dev/null
+++ b/docs/content-security-policy/assets/style.css
@@ -0,0 +1,1225 @@
+:root {
+    /* Light */
+    --light-color-background: #f2f4f8;
+    --light-color-background-secondary: #eff0f1;
+    --light-color-icon-background: var(--light-color-background);
+    --light-color-accent: #c5c7c9;
+    --light-color-text: #222;
+    --light-color-text-aside: #707070;
+    --light-color-link: #4da6ff;
+    --light-color-ts: #db1373;
+    --light-color-ts-interface: #139d2c;
+    --light-color-ts-enum: #9c891a;
+    --light-color-ts-class: #2484e5;
+    --light-color-ts-function: #572be7;
+    --light-color-ts-namespace: #b111c9;
+    --light-color-ts-private: #707070;
+    --light-color-ts-variable: #4d68ff;
+    --light-external-icon: url("data:image/svg+xml;utf8,<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 100 100' width='10' height='10'><path fill-opacity='0' stroke='%23000' stroke-width='10' d='m43,35H5v60h60V57M45,5v10l10,10-30,30 20,20 30-30 10,10h10V5z'/></svg>");
+    --light-color-scheme: light;
+
+    /* Dark */
+    --dark-color-background: #2b2e33;
+    --dark-color-background-secondary: #1e2024;
+    --dark-color-icon-background: var(--dark-color-background-secondary);
+    --dark-color-accent: #9096a2;
+    --dark-color-text: #f5f5f5;
+    --dark-color-text-aside: #dddddd;
+    --dark-color-link: #00aff4;
+    --dark-color-ts: #ff6492;
+    --dark-color-ts-interface: #6cff87;
+    --dark-color-ts-enum: #f4d93e;
+    --dark-color-ts-class: #61b0ff;
+    --dark-color-ts-function: #9772ff;
+    --dark-color-ts-namespace: #e14dff;
+    --dark-color-ts-private: #e2e2e2;
+    --dark-color-ts-variable: #4d68ff;
+    --dark-external-icon: url("data:image/svg+xml;utf8,<svg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 100 100' width='10' height='10'><path fill-opacity='0' stroke='%23fff' stroke-width='10' d='m43,35H5v60h60V57M45,5v10l10,10-30,30 20,20 30-30 10,10h10V5z'/></svg>");
+    --dark-color-scheme: dark;
+}
+
+@media (prefers-color-scheme: light) {
+    :root {
+        --color-background: var(--light-color-background);
+        --color-background-secondary: var(--light-color-background-secondary);
+        --color-icon-background: var(--light-color-icon-background);
+        --color-accent: var(--light-color-accent);
+        --color-text: var(--light-color-text);
+        --color-text-aside: var(--light-color-text-aside);
+        --color-link: var(--light-color-link);
+        --color-ts: var(--light-color-ts);
+        --color-ts-interface: var(--light-color-ts-interface);
+        --color-ts-enum: var(--light-color-ts-enum);
+        --color-ts-class: var(--light-color-ts-class);
+        --color-ts-function: var(--light-color-ts-function);
+        --color-ts-namespace: var(--light-color-ts-namespace);
+        --color-ts-private: var(--light-color-ts-private);
+        --color-ts-variable: var(--light-color-ts-variable);
+        --external-icon: var(--light-external-icon);
+        --color-scheme: var(--light-color-scheme);
+    }
+}
+
+@media (prefers-color-scheme: dark) {
+    :root {
+        --color-background: var(--dark-color-background);
+        --color-background-secondary: var(--dark-color-background-secondary);
+        --color-icon-background: var(--dark-color-icon-background);
+        --color-accent: var(--dark-color-accent);
+        --color-text: var(--dark-color-text);
+        --color-text-aside: var(--dark-color-text-aside);
+        --color-link: var(--dark-color-link);
+        --color-ts: var(--dark-color-ts);
+        --color-ts-interface: var(--dark-color-ts-interface);
+        --color-ts-enum: var(--dark-color-ts-enum);
+        --color-ts-class: var(--dark-color-ts-class);
+        --color-ts-function: var(--dark-color-ts-function);
+        --color-ts-namespace: var(--dark-color-ts-namespace);
+        --color-ts-private: var(--dark-color-ts-private);
+        --color-ts-variable: var(--dark-color-ts-variable);
+        --external-icon: var(--dark-external-icon);
+        --color-scheme: var(--dark-color-scheme);
+    }
+}
+
+html {
+    color-scheme: var(--color-scheme);
+}
+
+body {
+    margin: 0;
+}
+
+:root[data-theme="light"] {
+    --color-background: var(--light-color-background);
+    --color-background-secondary: var(--light-color-background-secondary);
+    --color-icon-background: var(--light-color-icon-background);
+    --color-accent: var(--light-color-accent);
+    --color-text: var(--light-color-text);
+    --color-text-aside: var(--light-color-text-aside);
+    --color-link: var(--light-color-link);
+    --color-ts: var(--light-color-ts);
+    --color-ts-interface: var(--light-color-ts-interface);
+    --color-ts-enum: var(--light-color-ts-enum);
+    --color-ts-class: var(--light-color-ts-class);
+    --color-ts-function: var(--light-color-ts-function);
+    --color-ts-namespace: var(--light-color-ts-namespace);
+    --color-ts-private: var(--light-color-ts-private);
+    --color-ts-variable: var(--light-color-ts-variable);
+    --external-icon: var(--light-external-icon);
+    --color-scheme: var(--light-color-scheme);
+}
+
+:root[data-theme="dark"] {
+    --color-background: var(--dark-color-background);
+    --color-background-secondary: var(--dark-color-background-secondary);
+    --color-icon-background: var(--dark-color-icon-background);
+    --color-accent: var(--dark-color-accent);
+    --color-text: var(--dark-color-text);
+    --color-text-aside: var(--dark-color-text-aside);
+    --color-link: var(--dark-color-link);
+    --color-ts: var(--dark-color-ts);
+    --color-ts-interface: var(--dark-color-ts-interface);
+    --color-ts-enum: var(--dark-color-ts-enum);
+    --color-ts-class: var(--dark-color-ts-class);
+    --color-ts-function: var(--dark-color-ts-function);
+    --color-ts-namespace: var(--dark-color-ts-namespace);
+    --color-ts-private: var(--dark-color-ts-private);
+    --color-ts-variable: var(--dark-color-ts-variable);
+    --external-icon: var(--dark-external-icon);
+    --color-scheme: var(--dark-color-scheme);
+}
+
+h1,
+h2,
+h3,
+h4,
+h5,
+h6 {
+    line-height: 1.2;
+}
+
+h1 {
+    font-size: 1.875rem;
+    margin: 0.67rem 0;
+}
+
+h2 {
+    font-size: 1.5rem;
+    margin: 0.83rem 0;
+}
+
+h3 {
+    font-size: 1.25rem;
+    margin: 1rem 0;
+}
+
+h4 {
+    font-size: 1.05rem;
+    margin: 1.33rem 0;
+}
+
+h5 {
+    font-size: 1rem;
+    margin: 1.5rem 0;
+}
+
+h6 {
+    font-size: 0.875rem;
+    margin: 2.33rem 0;
+}
+
+.uppercase {
+    text-transform: uppercase;
+}
+
+pre {
+    white-space: pre;
+    white-space: pre-wrap;
+    word-wrap: break-word;
+}
+
+dl,
+menu,
+ol,
+ul {
+    margin: 1em 0;
+}
+
+dd {
+    margin: 0 0 0 40px;
+}
+
+.container {
+    max-width: 1600px;
+    padding: 0 2rem;
+}
+
+@media (min-width: 640px) {
+    .container {
+        padding: 0 4rem;
+    }
+}
+@media (min-width: 1200px) {
+    .container {
+        padding: 0 8rem;
+    }
+}
+@media (min-width: 1600px) {
+    .container {
+        padding: 0 12rem;
+    }
+}
+
+/* Footer */
+.tsd-generator {
+    border-top: 1px solid var(--color-accent);
+    padding-top: 1rem;
+    padding-bottom: 1rem;
+    max-height: 3.5rem;
+}
+
+.tsd-generator > p {
+    margin-top: 0;
+    margin-bottom: 0;
+    padding: 0 1rem;
+}
+
+.container-main {
+    display: flex;
+    justify-content: space-between;
+    position: relative;
+    margin: 0 auto;
+}
+
+.col-4,
+.col-8 {
+    box-sizing: border-box;
+    float: left;
+    padding: 2rem 1rem;
+}
+
+.col-4 {
+    flex: 0 0 25%;
+}
+.col-8 {
+    flex: 1 0;
+    flex-wrap: wrap;
+    padding-left: 0;
+}
+
+@keyframes fade-in {
+    from {
+        opacity: 0;
+    }
+    to {
+        opacity: 1;
+    }
+}
+@keyframes fade-out {
+    from {
+        opacity: 1;
+        visibility: visible;
+    }
+    to {
+        opacity: 0;
+    }
+}
+@keyframes fade-in-delayed {
+    0% {
+        opacity: 0;
+    }
+    33% {
+        opacity: 0;
+    }
+    100% {
+        opacity: 1;
+    }
+}
+@keyframes fade-out-delayed {
+    0% {
+        opacity: 1;
+        visibility: visible;
+    }
+    66% {
+        opacity: 0;
+    }
+    100% {
+        opacity: 0;
+    }
+}
+@keyframes shift-to-left {
+    from {
+        transform: translate(0, 0);
+    }
+    to {
+        transform: translate(-25%, 0);
+    }
+}
+@keyframes unshift-to-left {
+    from {
+        transform: translate(-25%, 0);
+    }
+    to {
+        transform: translate(0, 0);
+    }
+}
+@keyframes pop-in-from-right {
+    from {
+        transform: translate(100%, 0);
+    }
+    to {
+        transform: translate(0, 0);
+    }
+}
+@keyframes pop-out-to-right {
+    from {
+        transform: translate(0, 0);
+        visibility: visible;
+    }
+    to {
+        transform: translate(100%, 0);
+    }
+}
+body {
+    background: var(--color-background);
+    font-family: "Segoe UI", sans-serif;
+    font-size: 16px;
+    color: var(--color-text);
+}
+
+a {
+    color: var(--color-link);
+    text-decoration: none;
+}
+a:hover {
+    text-decoration: underline;
+}
+a.external[target="_blank"] {
+    background-image: var(--external-icon);
+    background-position: top 3px right;
+    background-repeat: no-repeat;
+    padding-right: 13px;
+}
+
+code,
+pre {
+    font-family: Menlo, Monaco, Consolas, "Courier New", monospace;
+    padding: 0.2em;
+    margin: 0;
+    font-size: 0.875rem;
+    border-radius: 0.8em;
+}
+
+pre {
+    padding: 10px;
+    border: 0.1em solid var(--color-accent);
+}
+pre code {
+    padding: 0;
+    font-size: 100%;
+}
+
+blockquote {
+    margin: 1em 0;
+    padding-left: 1em;
+    border-left: 4px solid gray;
+}
+
+.tsd-typography {
+    line-height: 1.333em;
+}
+.tsd-typography ul {
+    list-style: square;
+    padding: 0 0 0 20px;
+    margin: 0;
+}
+.tsd-typography h4,
+.tsd-typography .tsd-index-panel h3,
+.tsd-index-panel .tsd-typography h3,
+.tsd-typography h5,
+.tsd-typography h6 {
+    font-size: 1em;
+    margin: 0;
+}
+.tsd-typography h5,
+.tsd-typography h6 {
+    font-weight: normal;
+}
+.tsd-typography p,
+.tsd-typography ul,
+.tsd-typography ol {
+    margin: 1em 0;
+}
+
+@media (max-width: 1024px) {
+    html .col-content {
+        float: none;
+        max-width: 100%;
+        width: 100%;
+        padding-top: 3rem;
+    }
+    html .col-menu {
+        position: fixed !important;
+        overflow-y: auto;
+        -webkit-overflow-scrolling: touch;
+        z-index: 1024;
+        top: 0 !important;
+        bottom: 0 !important;
+        left: auto !important;
+        right: 0 !important;
+        padding: 1.5rem 1.5rem 0 0;
+        max-width: 25rem;
+        visibility: hidden;
+        background-color: var(--color-background);
+        transform: translate(100%, 0);
+    }
+    html .col-menu > *:last-child {
+        padding-bottom: 20px;
+    }
+    html .overlay {
+        content: "";
+        display: block;
+        position: fixed;
+        z-index: 1023;
+        top: 0;
+        left: 0;
+        right: 0;
+        bottom: 0;
+        background-color: rgba(0, 0, 0, 0.75);
+        visibility: hidden;
+    }
+
+    .to-has-menu .overlay {
+        animation: fade-in 0.4s;
+    }
+
+    .to-has-menu :is(header, footer, .col-content) {
+        animation: shift-to-left 0.4s;
+    }
+
+    .to-has-menu .col-menu {
+        animation: pop-in-from-right 0.4s;
+    }
+
+    .from-has-menu .overlay {
+        animation: fade-out 0.4s;
+    }
+
+    .from-has-menu :is(header, footer, .col-content) {
+        animation: unshift-to-left 0.4s;
+    }
+
+    .from-has-menu .col-menu {
+        animation: pop-out-to-right 0.4s;
+    }
+
+    .has-menu body {
+        overflow: hidden;
+    }
+    .has-menu .overlay {
+        visibility: visible;
+    }
+    .has-menu :is(header, footer, .col-content) {
+        transform: translate(-25%, 0);
+    }
+    .has-menu .col-menu {
+        visibility: visible;
+        transform: translate(0, 0);
+        display: grid;
+        align-items: center;
+        grid-template-rows: auto 1fr;
+        grid-gap: 1.5rem;
+        max-height: 100vh;
+        padding: 1rem 2rem;
+    }
+    .has-menu .tsd-navigation {
+        max-height: 100%;
+    }
+}
+
+.tsd-breadcrumb {
+    margin: 0;
+    padding: 0;
+    color: var(--color-text-aside);
+}
+.tsd-breadcrumb a {
+    color: var(--color-text-aside);
+    text-decoration: none;
+}
+.tsd-breadcrumb a:hover {
+    text-decoration: underline;
+}
+.tsd-breadcrumb li {
+    display: inline;
+}
+.tsd-breadcrumb li:after {
+    content: " / ";
+}
+
+.tsd-comment-tags {
+    display: flex;
+    flex-direction: column;
+}
+dl.tsd-comment-tag-group {
+    display: flex;
+    align-items: center;
+    overflow: hidden;
+    margin: 0.5em 0;
+}
+dl.tsd-comment-tag-group dt {
+    display: flex;
+    margin-right: 0.5em;
+    font-size: 0.875em;
+    font-weight: normal;
+}
+dl.tsd-comment-tag-group dd {
+    margin: 0;
+}
+code.tsd-tag {
+    padding: 0.25em 0.4em;
+    border: 0.1em solid var(--color-accent);
+    margin-right: 0.25em;
+    font-size: 70%;
+}
+h1 code.tsd-tag:first-of-type {
+    margin-left: 0.25em;
+}
+
+dl.tsd-comment-tag-group dd:before,
+dl.tsd-comment-tag-group dd:after {
+    content: " ";
+}
+dl.tsd-comment-tag-group dd pre,
+dl.tsd-comment-tag-group dd:after {
+    clear: both;
+}
+dl.tsd-comment-tag-group p {
+    margin: 0;
+}
+
+.tsd-panel.tsd-comment .lead {
+    font-size: 1.1em;
+    line-height: 1.333em;
+    margin-bottom: 2em;
+}
+.tsd-panel.tsd-comment .lead:last-child {
+    margin-bottom: 0;
+}
+
+.tsd-filter-visibility h4 {
+    font-size: 1rem;
+    padding-top: 0.75rem;
+    padding-bottom: 0.5rem;
+    margin: 0;
+}
+.tsd-filter-item:not(:last-child) {
+    margin-bottom: 0.5rem;
+}
+.tsd-filter-input {
+    display: flex;
+    width: fit-content;
+    width: -moz-fit-content;
+    align-items: center;
+    user-select: none;
+    -webkit-user-select: none;
+    -moz-user-select: none;
+    -ms-user-select: none;
+    cursor: pointer;
+}
+.tsd-filter-input input[type="checkbox"] {
+    cursor: pointer;
+    position: absolute;
+    width: 1.5em;
+    height: 1.5em;
+    opacity: 0;
+}
+.tsd-filter-input input[type="checkbox"]:disabled {
+    pointer-events: none;
+}
+.tsd-filter-input svg {
+    cursor: pointer;
+    width: 1.5em;
+    height: 1.5em;
+    margin-right: 0.5em;
+    border-radius: 0.33em;
+    /* Leaving this at full opacity breaks event listeners on Firefox.
+    Don't remove unless you know what you're doing. */
+    opacity: 0.99;
+}
+.tsd-filter-input input[type="checkbox"]:focus + svg {
+    transform: scale(0.95);
+}
+.tsd-filter-input input[type="checkbox"]:focus:not(:focus-visible) + svg {
+    transform: scale(1);
+}
+.tsd-checkbox-background {
+    fill: var(--color-accent);
+}
+input[type="checkbox"]:checked ~ svg .tsd-checkbox-checkmark {
+    stroke: var(--color-text);
+}
+.tsd-filter-input input:disabled ~ svg > .tsd-checkbox-background {
+    fill: var(--color-background);
+    stroke: var(--color-accent);
+    stroke-width: 0.25rem;
+}
+.tsd-filter-input input:disabled ~ svg > .tsd-checkbox-checkmark {
+    stroke: var(--color-accent);
+}
+
+.tsd-theme-toggle {
+    padding-top: 0.75rem;
+}
+.tsd-theme-toggle > h4 {
+    display: inline;
+    vertical-align: middle;
+    margin-right: 0.75rem;
+}
+
+.tsd-hierarchy {
+    list-style: square;
+    margin: 0;
+}
+.tsd-hierarchy .target {
+    font-weight: bold;
+}
+
+.tsd-panel-group.tsd-index-group {
+    margin-bottom: 0;
+}
+.tsd-index-panel .tsd-index-list {
+    list-style: none;
+    line-height: 1.333em;
+    margin: 0;
+    padding: 0.25rem 0 0 0;
+    overflow: hidden;
+    display: grid;
+    grid-template-columns: repeat(3, 1fr);
+    column-gap: 1rem;
+    grid-template-rows: auto;
+}
+@media (max-width: 1024px) {
+    .tsd-index-panel .tsd-index-list {
+        grid-template-columns: repeat(2, 1fr);
+    }
+}
+@media (max-width: 768px) {
+    .tsd-index-panel .tsd-index-list {
+        grid-template-columns: repeat(1, 1fr);
+    }
+}
+.tsd-index-panel .tsd-index-list li {
+    -webkit-page-break-inside: avoid;
+    -moz-page-break-inside: avoid;
+    -ms-page-break-inside: avoid;
+    -o-page-break-inside: avoid;
+    page-break-inside: avoid;
+}
+.tsd-index-panel a,
+.tsd-index-panel a.tsd-parent-kind-module {
+    color: var(--color-ts);
+}
+.tsd-index-panel a.tsd-parent-kind-interface {
+    color: var(--color-ts-interface);
+}
+.tsd-index-panel a.tsd-parent-kind-enum {
+    color: var(--color-ts-enum);
+}
+.tsd-index-panel a.tsd-parent-kind-class {
+    color: var(--color-ts-class);
+}
+.tsd-index-panel a.tsd-kind-module {
+    color: var(--color-ts-namespace);
+}
+.tsd-index-panel a.tsd-kind-interface {
+    color: var(--color-ts-interface);
+}
+.tsd-index-panel a.tsd-kind-enum {
+    color: var(--color-ts-enum);
+}
+.tsd-index-panel a.tsd-kind-class {
+    color: var(--color-ts-class);
+}
+.tsd-index-panel a.tsd-kind-function {
+    color: var(--color-ts-function);
+}
+.tsd-index-panel a.tsd-kind-namespace {
+    color: var(--color-ts-namespace);
+}
+.tsd-index-panel a.tsd-kind-variable {
+    color: var(--color-ts-variable);
+}
+.tsd-index-panel a.tsd-is-private {
+    color: var(--color-ts-private);
+}
+
+.tsd-flag {
+    display: inline-block;
+    padding: 0.25em 0.4em;
+    border-radius: 4px;
+    color: var(--color-comment-tag-text);
+    background-color: var(--color-comment-tag);
+    text-indent: 0;
+    font-size: 75%;
+    line-height: 1;
+    font-weight: normal;
+}
+
+.tsd-anchor {
+    position: absolute;
+    top: -100px;
+}
+
+.tsd-member {
+    position: relative;
+}
+.tsd-member .tsd-anchor + h3 {
+    display: flex;
+    align-items: center;
+    margin-top: 0;
+    margin-bottom: 0;
+    border-bottom: none;
+}
+.tsd-member [data-tsd-kind] {
+    color: var(--color-ts);
+}
+.tsd-member [data-tsd-kind="Interface"] {
+    color: var(--color-ts-interface);
+}
+.tsd-member [data-tsd-kind="Enum"] {
+    color: var(--color-ts-enum);
+}
+.tsd-member [data-tsd-kind="Class"] {
+    color: var(--color-ts-class);
+}
+.tsd-member [data-tsd-kind="Private"] {
+    color: var(--color-ts-private);
+}
+
+.tsd-navigation a {
+    display: block;
+    margin: 0.4rem 0;
+    border-left: 2px solid transparent;
+    color: var(--color-text);
+    text-decoration: none;
+    transition: border-left-color 0.1s;
+}
+.tsd-navigation a:hover {
+    text-decoration: underline;
+}
+.tsd-navigation ul {
+    margin: 0;
+    padding: 0;
+    list-style: none;
+}
+.tsd-navigation li {
+    padding: 0;
+}
+
+.tsd-navigation.primary .tsd-accordion-details > ul {
+    margin-top: 0.75rem;
+}
+.tsd-navigation.primary a {
+    padding: 0.75rem 0.5rem;
+    margin: 0;
+}
+.tsd-navigation.primary ul li a {
+    margin-left: 0.5rem;
+}
+.tsd-navigation.primary ul li li a {
+    margin-left: 1.5rem;
+}
+.tsd-navigation.primary ul li li li a {
+    margin-left: 2.5rem;
+}
+.tsd-navigation.primary ul li li li li a {
+    margin-left: 3.5rem;
+}
+.tsd-navigation.primary ul li li li li li a {
+    margin-left: 4.5rem;
+}
+.tsd-navigation.primary ul li li li li li li a {
+    margin-left: 5.5rem;
+}
+.tsd-navigation.primary li.current > a {
+    border-left: 0.15rem var(--color-text) solid;
+}
+.tsd-navigation.primary li.selected > a {
+    font-weight: bold;
+    border-left: 0.2rem var(--color-text) solid;
+}
+.tsd-navigation.primary ul li a:hover {
+    border-left: 0.2rem var(--color-text-aside) solid;
+}
+.tsd-navigation.primary li.globals + li > span,
+.tsd-navigation.primary li.globals + li > a {
+    padding-top: 20px;
+}
+
+.tsd-navigation.secondary.tsd-navigation--toolbar-hide {
+    max-height: calc(100vh - 1rem);
+    top: 0.5rem;
+}
+.tsd-navigation.secondary > ul {
+    display: inline;
+    padding-right: 0.5rem;
+    transition: opacity 0.2s;
+}
+.tsd-navigation.secondary ul li a {
+    padding-left: 0;
+}
+.tsd-navigation.secondary ul li li a {
+    padding-left: 1.1rem;
+}
+.tsd-navigation.secondary ul li li li a {
+    padding-left: 2.2rem;
+}
+.tsd-navigation.secondary ul li li li li a {
+    padding-left: 3.3rem;
+}
+.tsd-navigation.secondary ul li li li li li a {
+    padding-left: 4.4rem;
+}
+.tsd-navigation.secondary ul li li li li li li a {
+    padding-left: 5.5rem;
+}
+
+a.tsd-index-link {
+    margin: 0.25rem 0;
+    font-size: 1rem;
+    line-height: 1.25rem;
+    display: inline-flex;
+    align-items: center;
+}
+.tsd-accordion-summary > h1,
+.tsd-accordion-summary > h2,
+.tsd-accordion-summary > h3,
+.tsd-accordion-summary > h4,
+.tsd-accordion-summary > h5 {
+    display: inline-flex;
+    align-items: center;
+    vertical-align: middle;
+    margin-bottom: 0;
+    user-select: none;
+    -moz-user-select: none;
+    -webkit-user-select: none;
+    -ms-user-select: none;
+}
+.tsd-accordion-summary {
+    display: block;
+    cursor: pointer;
+}
+.tsd-accordion-summary > * {
+    margin-top: 0;
+    margin-bottom: 0;
+    padding-top: 0;
+    padding-bottom: 0;
+}
+.tsd-accordion-summary::-webkit-details-marker {
+    display: none;
+}
+.tsd-index-accordion .tsd-accordion-summary svg {
+    margin-right: 0.25rem;
+}
+.tsd-index-content > :not(:first-child) {
+    margin-top: 0.75rem;
+}
+.tsd-index-heading {
+    margin-top: 1.5rem;
+    margin-bottom: 0.75rem;
+}
+
+.tsd-kind-icon {
+    margin-right: 0.5rem;
+    width: 1.25rem;
+    height: 1.25rem;
+    min-width: 1.25rem;
+    min-height: 1.25rem;
+}
+.tsd-kind-icon path {
+    transform-origin: center;
+    transform: scale(1.1);
+}
+.tsd-signature > .tsd-kind-icon {
+    margin-right: 0.8rem;
+}
+
+@media (min-width: 1024px) {
+    .col-content {
+        margin: 2rem auto;
+    }
+
+    .menu-sticky-wrap {
+        position: sticky;
+        height: calc(100vh - 2rem);
+        top: 4rem;
+        right: 0;
+        padding: 0 1.5rem;
+        padding-top: 1rem;
+        margin-top: 3rem;
+        transition: 0.3s ease-in-out;
+        transition-property: top, padding-top, padding, height;
+        overflow-y: auto;
+    }
+    .col-menu {
+        border-left: 1px solid var(--color-accent);
+    }
+    .col-menu--hide {
+        top: 1rem;
+    }
+    .col-menu .tsd-navigation:not(:last-child) {
+        padding-bottom: 1.75rem;
+    }
+}
+
+.tsd-panel {
+    margin-bottom: 2.5rem;
+}
+.tsd-panel.tsd-member {
+    margin-bottom: 4rem;
+}
+.tsd-panel:empty {
+    display: none;
+}
+.tsd-panel > h1,
+.tsd-panel > h2,
+.tsd-panel > h3 {
+    margin: 1.5rem -1.5rem 0.75rem -1.5rem;
+    padding: 0 1.5rem 0.75rem 1.5rem;
+}
+.tsd-panel > h1.tsd-before-signature,
+.tsd-panel > h2.tsd-before-signature,
+.tsd-panel > h3.tsd-before-signature {
+    margin-bottom: 0;
+    border-bottom: none;
+}
+
+.tsd-panel-group {
+    margin: 4rem 0;
+}
+.tsd-panel-group.tsd-index-group {
+    margin: 2rem 0;
+}
+.tsd-panel-group.tsd-index-group details {
+    margin: 2rem 0;
+}
+
+#tsd-search {
+    transition: background-color 0.2s;
+}
+#tsd-search .title {
+    position: relative;
+    z-index: 2;
+}
+#tsd-search .field {
+    position: absolute;
+    left: 0;
+    top: 0;
+    right: 2.5rem;
+    height: 100%;
+}
+#tsd-search .field input {
+    box-sizing: border-box;
+    position: relative;
+    top: -50px;
+    z-index: 1;
+    width: 100%;
+    padding: 0 10px;
+    opacity: 0;
+    outline: 0;
+    border: 0;
+    background: transparent;
+    color: var(--color-text);
+}
+#tsd-search .field label {
+    position: absolute;
+    overflow: hidden;
+    right: -40px;
+}
+#tsd-search .field input,
+#tsd-search .title {
+    transition: opacity 0.2s;
+}
+#tsd-search .results {
+    position: absolute;
+    visibility: hidden;
+    top: 40px;
+    width: 100%;
+    margin: 0;
+    padding: 0;
+    list-style: none;
+    box-shadow: 0 0 4px rgba(0, 0, 0, 0.25);
+}
+#tsd-search .results li {
+    padding: 0 10px;
+    background-color: var(--color-background);
+}
+#tsd-search .results li:nth-child(even) {
+    background-color: var(--color-background-secondary);
+}
+#tsd-search .results li.state {
+    display: none;
+}
+#tsd-search .results li.current,
+#tsd-search .results li:hover {
+    background-color: var(--color-accent);
+}
+#tsd-search .results a {
+    display: block;
+}
+#tsd-search .results a:before {
+    top: 10px;
+}
+#tsd-search .results span.parent {
+    color: var(--color-text-aside);
+    font-weight: normal;
+}
+#tsd-search.has-focus {
+    background-color: var(--color-accent);
+}
+#tsd-search.has-focus .field input {
+    top: 0;
+    opacity: 1;
+}
+#tsd-search.has-focus .title {
+    z-index: 0;
+    opacity: 0;
+}
+#tsd-search.has-focus .results {
+    visibility: visible;
+}
+#tsd-search.loading .results li.state.loading {
+    display: block;
+}
+#tsd-search.failure .results li.state.failure {
+    display: block;
+}
+
+.tsd-signature {
+    margin: 0 0 1rem 0;
+    padding: 1rem 0.5rem;
+    border: 1px solid var(--color-accent);
+    font-family: Menlo, Monaco, Consolas, "Courier New", monospace;
+    font-size: 14px;
+    overflow-x: auto;
+}
+
+.tsd-signature-symbol {
+    color: var(--color-text-aside);
+    font-weight: normal;
+}
+
+.tsd-signature-type {
+    font-style: italic;
+    font-weight: normal;
+}
+
+.tsd-signatures {
+    padding: 0;
+    margin: 0 0 1em 0;
+    list-style-type: none;
+}
+.tsd-signatures .tsd-signature {
+    margin: 0;
+    border-color: var(--color-accent);
+    border-width: 1px 0;
+    transition: background-color 0.1s;
+}
+.tsd-description .tsd-signatures .tsd-signature {
+    border-width: 1px;
+}
+
+ul.tsd-parameter-list,
+ul.tsd-type-parameter-list {
+    list-style: square;
+    margin: 0;
+    padding-left: 20px;
+}
+ul.tsd-parameter-list > li.tsd-parameter-signature,
+ul.tsd-type-parameter-list > li.tsd-parameter-signature {
+    list-style: none;
+    margin-left: -20px;
+}
+ul.tsd-parameter-list h5,
+ul.tsd-type-parameter-list h5 {
+    font-size: 16px;
+    margin: 1em 0 0.5em 0;
+}
+.tsd-sources {
+    margin-top: 1rem;
+    font-size: 0.875em;
+}
+.tsd-sources a {
+    color: var(--color-text-aside);
+    text-decoration: underline;
+}
+.tsd-sources ul {
+    list-style: none;
+    padding: 0;
+}
+
+.tsd-page-toolbar {
+    position: fixed;
+    z-index: 1;
+    top: 0;
+    left: 0;
+    width: 100%;
+    color: var(--color-text);
+    background: var(--color-background-secondary);
+    border-bottom: 1px var(--color-accent) solid;
+    transition: transform 0.3s ease-in-out;
+}
+.tsd-page-toolbar a {
+    color: var(--color-text);
+    text-decoration: none;
+}
+.tsd-page-toolbar a.title {
+    font-weight: bold;
+}
+.tsd-page-toolbar a.title:hover {
+    text-decoration: underline;
+}
+.tsd-page-toolbar .tsd-toolbar-contents {
+    display: flex;
+    justify-content: space-between;
+    height: 2.5rem;
+    margin: 0 auto;
+}
+.tsd-page-toolbar .table-cell {
+    position: relative;
+    white-space: nowrap;
+    line-height: 40px;
+}
+.tsd-page-toolbar .table-cell:first-child {
+    width: 100%;
+}
+
+.tsd-page-toolbar--hide {
+    transform: translateY(-100%);
+}
+
+.tsd-widget {
+    display: inline-block;
+    overflow: hidden;
+    opacity: 0.8;
+    height: 40px;
+    transition: opacity 0.1s, background-color 0.2s;
+    vertical-align: bottom;
+    cursor: pointer;
+}
+.tsd-widget:hover {
+    opacity: 0.9;
+}
+.tsd-widget.active {
+    opacity: 1;
+    background-color: var(--color-accent);
+}
+.tsd-widget.no-caption {
+    width: 40px;
+}
+.tsd-widget.no-caption:before {
+    margin: 0;
+}
+
+.tsd-widget.options,
+.tsd-widget.menu {
+    display: none;
+}
+@media (max-width: 1024px) {
+    .tsd-widget.options,
+    .tsd-widget.menu {
+        display: inline-block;
+    }
+}
+input[type="checkbox"] + .tsd-widget:before {
+    background-position: -120px 0;
+}
+input[type="checkbox"]:checked + .tsd-widget:before {
+    background-position: -160px 0;
+}
+
+img {
+    max-width: 100%;
+}
+
+.tsd-anchor-icon {
+    display: inline-flex;
+    align-items: center;
+    margin-left: 0.5rem;
+    vertical-align: middle;
+    color: var(--color-text);
+}
+
+.tsd-anchor-icon svg {
+    width: 1em;
+    height: 1em;
+    visibility: hidden;
+}
+
+.tsd-anchor-link:hover > .tsd-anchor-icon svg {
+    visibility: visible;
+}
+
+.deprecated {
+    text-decoration: line-through;
+}
+
+* {
+    scrollbar-width: thin;
+    scrollbar-color: var(--color-accent) var(--color-icon-background);
+}
+
+*::-webkit-scrollbar {
+    width: 0.75rem;
+}
+
+*::-webkit-scrollbar-track {
+    background: var(--color-icon-background);
+}
+
+*::-webkit-scrollbar-thumb {
+    background-color: var(--color-accent);
+    border-radius: 999rem;
+    border: 0.25rem solid var(--color-icon-background);
+}
diff --git a/docs/content-security-policy/assets/widgets.png b/docs/content-security-policy/assets/widgets.png
new file mode 100644
index 0000000000000000000000000000000000000000..c7380532ac1b45400620011c37c4dcb7aec27a4c
GIT binary patch
literal 480
zcmeAS@N?(olHy`uVBq!ia0y~yU~~YoH8@y+q^jrZML>b&o-U3d6^w6h1+IPUz|;DW
zIZ;96kdsD>Qv^q=09&hp0GpEni<1IR%gvP3v%OR9*{MuRTKWHZyIbuBt)Ci`cU_&%
z1T+i^Y)o{%281-<3TpPAUTzw5v;RY=>1rvxmPl96#kYc9hX!6V^nB|ad#(S+)}?8C
zr_H+lT3B#So$T=?$(w3-{rbQ4R<@nsf$}$hwSO)A$8&`(j+wQf=Jwhb0`CvhR5DCf
z^OgI)KQemrUFPH+UynC$Y~QHG%DbTVh-Skz{enNU)cV_hPu~{TD7TPZl>0&K>iuE|
z7AYn$<f?qDn<D7%t@_^M`}t`}tQUTB<b|cys~qQC(7U7mNeaXFzvph2ZJby5=y?H)
zu!FRle5W(R_P>7)Jrb9GE&SfQW4q&G*@N|4cHI`VakFa5-C!ov&XD)J(qp$rJJ*9e
z-sHv}#g*T7Cv048d1v~BEAzM5FztAse#q78WWC^B<r7kBKcv(gmaJX;-oJ3CyTLi7
zUGKy%vKTy*I_B8_AXqS^clP{8c~VnLLw*O``y1ghf5LiRg?hIG#Va#lfeNA<>UCzQ
U&wLp6h6BX&boFyt=akR{0G%$)mH+?%

literal 0
HcmV?d00001

diff --git a/docs/content-security-policy/assets/widgets@2x.png b/docs/content-security-policy/assets/widgets@2x.png
new file mode 100644
index 0000000000000000000000000000000000000000..4bbbd57272f3b28f47527d4951ad10f950b8ad43
GIT binary patch
literal 855
zcmeAS@N?(olHy`uVBq!ia0y~yU}^xe12~w0<i1TN;y}tcz$e5NNRtW{v$~xG>Jcmn
z@(X6T|9^jgLcx21{)7exgY)a>N6m2F0<`Rqr;B4q1>>88jUdw-7W`c)zLE*mq8W2H
z-<&Jl_Hco5BuC5n@AbF5GD82~-e8-v=#zCyUX0F-o}8pPfAv`!GN$ff+TL<~@kgt}
z62eO?_|&+>xBmM$@p|z`tIKEdpPf8%qI>4r7@jn<=eta*{3~?g(zz{Ke9zc-G^gr?
z-7foa?LcS!hmbwzru}ICvbWLlW8;+l-}!^=c32!^nV`+`C*;0-*Y%l94pC;Cb3GXz
zzSf%a!{gVr{Y_lVuUj+a)*Ca+<Ue1=oN!I>!-Hu%xmP&&X-2CuANY8^i{D7Kg6qzP
zXz_ps9+lN8ESH{K4`y<koVa&$<z$fy#Y_&nWfs4Q-`gM<ab^x{$FjqRTqUlT^2GG0
zX)buq(okmUcGG@S=%j|TXKpT;R~ezq@O<i$<+2UQvL>u&b~I>N9xGlE&;2u<VUxbW
zMDv9esy$Uqzh*J4SX1~(U|w+OpKRTP*S;P%%OoH6b~VfkuJK*PqVwn~w})O)mht}*
zuY%uZJ=_*Q=DGMEU`dIe?8Vq!p&R<KyUmf+OflAB(|S*CM%y^;$dEtT_uF2oO8l`~
z&8qWg>*b?+Go!AhN?m-bxlLvtC#MzDF2kFzfHJ1W7ybqdefSqVhbOykd*Yi%EDuhs
z4wF{ft^bv2+DDnKb8gj1FuvcV`M}luS>lO<^)8x>y1#R;a=-ZKwWTQQb)ioBbi;zh
zD!f5V)8581to1LL7c9!l^PSC$NBPYif!_vAZhmL4)v4U)4UsrLYiH_9rmQDd?)(e5
z^pcH>qvBg*i0dus2r*mp4;zKvu=P#s-ti;2obl`NjjwoYd>e(oo#j_uyRb<7Pv^If
zzZ|mGHmV)8^tbO%^>eqMw(@7(&3g{jEp-Najo<c9d+_hN%-sXQuZvHt|MtLv4VWSm
iChY%eyAPC6P{0GV>7V75xI_ZHK*FA`elF{r5}E*d7+j_R

literal 0
HcmV?d00001

diff --git a/docs/content-security-policy/functions/cspDirectives.html b/docs/content-security-policy/functions/cspDirectives.html
new file mode 100644
index 00000000..9a75eddd
--- /dev/null
+++ b/docs/content-security-policy/functions/cspDirectives.html
@@ -0,0 +1,59 @@
+<!DOCTYPE html><html class="default" lang="en"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="IE=edge"/><title>cspDirectives | @jackdbd/content-security-policy</title><meta name="description" content="Documentation for @jackdbd/content-security-policy"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="../assets/style.css"/><link rel="stylesheet" href="../assets/highlight.css"/><script async src="../assets/search.js" id="search-script"></script></head><body><script>document.documentElement.dataset.theme = localStorage.getItem("tsd-theme") || "os"</script><header class="tsd-page-toolbar">
+<div class="tsd-toolbar-contents container">
+<div class="table-cell" id="tsd-search" data-base="..">
+<div class="field"><label for="tsd-search-field" class="tsd-widget search no-caption"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M15.7824 13.833L12.6666 10.7177C12.5259 10.5771 12.3353 10.499 12.1353 10.499H11.6259C12.4884 9.39596 13.001 8.00859 13.001 6.49937C13.001 2.90909 10.0914 0 6.50048 0C2.90959 0 0 2.90909 0 6.49937C0 10.0896 2.90959 12.9987 6.50048 12.9987C8.00996 12.9987 9.39756 12.4863 10.5008 11.6239V12.1332C10.5008 12.3332 10.5789 12.5238 10.7195 12.6644L13.8354 15.7797C14.1292 16.0734 14.6042 16.0734 14.8948 15.7797L15.7793 14.8954C16.0731 14.6017 16.0731 14.1267 15.7824 13.833ZM6.50048 10.499C4.29094 10.499 2.50018 8.71165 2.50018 6.49937C2.50018 4.29021 4.28781 2.49976 6.50048 2.49976C8.71001 2.49976 10.5008 4.28708 10.5008 6.49937C10.5008 8.70852 8.71314 10.499 6.50048 10.499Z" fill="var(--color-text)"></path></svg></label><input type="text" id="tsd-search-field" aria-label="Search"/></div>
+<ul class="results">
+<li class="state loading">Preparing search index...</li>
+<li class="state failure">The search index is not available</li></ul><a href="../index.html" class="title">@jackdbd/content-security-policy</a></div>
+<div class="table-cell" id="tsd-widgets"><a href="#" class="tsd-widget menu no-caption" data-toggle="menu" aria-label="Menu"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><rect x="1" y="3" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="7" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="11" width="14" height="2" fill="var(--color-text)"></rect></svg></a></div></div></header>
+<div class="container container-main">
+<div class="col-8 col-content">
+<div class="tsd-page-title">
+<ul class="tsd-breadcrumb">
+<li><a href="../modules.html">@jackdbd/content-security-policy</a></li>
+<li><a href="cspDirectives.html">cspDirectives</a></li></ul>
+<h1>Function cspDirectives</h1></div>
+<section class="tsd-panel">
+<ul class="tsd-signatures tsd-kind-function">
+<li class="tsd-signature tsd-anchor-link" id="cspDirectives">csp<wbr/>Directives<span class="tsd-signature-symbol">(</span>__namedParameters<span class="tsd-signature-symbol">: </span><a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a><span class="tsd-signature-symbol">)</span><span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">&gt;</span><a href="#cspDirectives" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none" id="icon-anchor-a"></path><path d="M10 14a3.5 3.5 0 0 0 5 0l4 -4a3.5 3.5 0 0 0 -5 -5l-.5 .5" id="icon-anchor-b"></path><path d="M14 10a3.5 3.5 0 0 0 -5 0l-4 4a3.5 3.5 0 0 0 5 5l.5 -.5" id="icon-anchor-c"></path></svg></a></li>
+<li class="tsd-description">
+<div class="tsd-parameters">
+<h4 class="tsd-parameters-title">Parameters</h4>
+<ul class="tsd-parameter-list">
+<li>
+<h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
+<h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
+<ul>
+<li>Defined in csp-directives.ts:24</li></ul></aside></li></ul></section></div>
+<div class="col-4 col-menu menu-sticky-wrap menu-highlight">
+<div class="tsd-navigation settings">
+<details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Settings</h3></summary>
+<div class="tsd-accordion-details">
+<div class="tsd-filter-visibility">
+<h4 class="uppercase">Member Visibility</h4><form>
+<ul id="tsd-filter-options">
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-protected" name="protected"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Protected</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-inherited" name="inherited" checked/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Inherited</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-external" name="external"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>External</span></label></li></ul></form></div>
+<div class="tsd-theme-toggle">
+<h4 class="uppercase">Theme</h4><select id="theme"><option value="os">OS</option><option value="light">Light</option><option value="dark">Dark</option></select></div></div></details></div>
+<nav class="tsd-navigation primary">
+<details class="tsd-index-accordion" open><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Modules</h3></summary>
+<div class="tsd-accordion-details">
+<ul>
+<li><a href="../modules.html">@jackdbd/content-<wbr/>security-<wbr/>policy</a>
+<ul></ul></li></ul></div></details></nav>
+<nav class="tsd-navigation secondary menu-sticky">
+<ul>
+<li class="tsd-kind-interface"><a href="../interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-variable"><a href="../variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
+<li class="tsd-kind-variable"><a href="../variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
+<li class="current tsd-kind-function"><a href="cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
+<li class="tsd-kind-function"><a href="cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
+<li class="tsd-kind-function"><a href="cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<div class="container tsd-generator">
+<p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
+<div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/functions/cspHeader.html b/docs/content-security-policy/functions/cspHeader.html
new file mode 100644
index 00000000..6220def2
--- /dev/null
+++ b/docs/content-security-policy/functions/cspHeader.html
@@ -0,0 +1,59 @@
+<!DOCTYPE html><html class="default" lang="en"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="IE=edge"/><title>cspHeader | @jackdbd/content-security-policy</title><meta name="description" content="Documentation for @jackdbd/content-security-policy"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="../assets/style.css"/><link rel="stylesheet" href="../assets/highlight.css"/><script async src="../assets/search.js" id="search-script"></script></head><body><script>document.documentElement.dataset.theme = localStorage.getItem("tsd-theme") || "os"</script><header class="tsd-page-toolbar">
+<div class="tsd-toolbar-contents container">
+<div class="table-cell" id="tsd-search" data-base="..">
+<div class="field"><label for="tsd-search-field" class="tsd-widget search no-caption"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M15.7824 13.833L12.6666 10.7177C12.5259 10.5771 12.3353 10.499 12.1353 10.499H11.6259C12.4884 9.39596 13.001 8.00859 13.001 6.49937C13.001 2.90909 10.0914 0 6.50048 0C2.90959 0 0 2.90909 0 6.49937C0 10.0896 2.90959 12.9987 6.50048 12.9987C8.00996 12.9987 9.39756 12.4863 10.5008 11.6239V12.1332C10.5008 12.3332 10.5789 12.5238 10.7195 12.6644L13.8354 15.7797C14.1292 16.0734 14.6042 16.0734 14.8948 15.7797L15.7793 14.8954C16.0731 14.6017 16.0731 14.1267 15.7824 13.833ZM6.50048 10.499C4.29094 10.499 2.50018 8.71165 2.50018 6.49937C2.50018 4.29021 4.28781 2.49976 6.50048 2.49976C8.71001 2.49976 10.5008 4.28708 10.5008 6.49937C10.5008 8.70852 8.71314 10.499 6.50048 10.499Z" fill="var(--color-text)"></path></svg></label><input type="text" id="tsd-search-field" aria-label="Search"/></div>
+<ul class="results">
+<li class="state loading">Preparing search index...</li>
+<li class="state failure">The search index is not available</li></ul><a href="../index.html" class="title">@jackdbd/content-security-policy</a></div>
+<div class="table-cell" id="tsd-widgets"><a href="#" class="tsd-widget menu no-caption" data-toggle="menu" aria-label="Menu"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><rect x="1" y="3" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="7" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="11" width="14" height="2" fill="var(--color-text)"></rect></svg></a></div></div></header>
+<div class="container container-main">
+<div class="col-8 col-content">
+<div class="tsd-page-title">
+<ul class="tsd-breadcrumb">
+<li><a href="../modules.html">@jackdbd/content-security-policy</a></li>
+<li><a href="cspHeader.html">cspHeader</a></li></ul>
+<h1>Function cspHeader</h1></div>
+<section class="tsd-panel">
+<ul class="tsd-signatures tsd-kind-function">
+<li class="tsd-signature tsd-anchor-link" id="cspHeader">csp<wbr/>Header<span class="tsd-signature-symbol">(</span>__namedParameters<span class="tsd-signature-symbol">: </span><a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a><span class="tsd-signature-symbol">)</span><span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">&gt;</span><a href="#cspHeader" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none" id="icon-anchor-a"></path><path d="M10 14a3.5 3.5 0 0 0 5 0l4 -4a3.5 3.5 0 0 0 -5 -5l-.5 .5" id="icon-anchor-b"></path><path d="M14 10a3.5 3.5 0 0 0 -5 0l-4 4a3.5 3.5 0 0 0 5 5l.5 -.5" id="icon-anchor-c"></path></svg></a></li>
+<li class="tsd-description">
+<div class="tsd-parameters">
+<h4 class="tsd-parameters-title">Parameters</h4>
+<ul class="tsd-parameter-list">
+<li>
+<h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
+<h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
+<ul>
+<li>Defined in csp-directives.ts:107</li></ul></aside></li></ul></section></div>
+<div class="col-4 col-menu menu-sticky-wrap menu-highlight">
+<div class="tsd-navigation settings">
+<details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Settings</h3></summary>
+<div class="tsd-accordion-details">
+<div class="tsd-filter-visibility">
+<h4 class="uppercase">Member Visibility</h4><form>
+<ul id="tsd-filter-options">
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-protected" name="protected"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Protected</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-inherited" name="inherited" checked/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Inherited</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-external" name="external"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>External</span></label></li></ul></form></div>
+<div class="tsd-theme-toggle">
+<h4 class="uppercase">Theme</h4><select id="theme"><option value="os">OS</option><option value="light">Light</option><option value="dark">Dark</option></select></div></div></details></div>
+<nav class="tsd-navigation primary">
+<details class="tsd-index-accordion" open><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Modules</h3></summary>
+<div class="tsd-accordion-details">
+<ul>
+<li><a href="../modules.html">@jackdbd/content-<wbr/>security-<wbr/>policy</a>
+<ul></ul></li></ul></div></details></nav>
+<nav class="tsd-navigation secondary menu-sticky">
+<ul>
+<li class="tsd-kind-interface"><a href="../interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-variable"><a href="../variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
+<li class="tsd-kind-variable"><a href="../variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
+<li class="tsd-kind-function"><a href="cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
+<li class="current tsd-kind-function"><a href="cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
+<li class="tsd-kind-function"><a href="cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<div class="container tsd-generator">
+<p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
+<div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/functions/cspJSON.html b/docs/content-security-policy/functions/cspJSON.html
new file mode 100644
index 00000000..d2a98974
--- /dev/null
+++ b/docs/content-security-policy/functions/cspJSON.html
@@ -0,0 +1,59 @@
+<!DOCTYPE html><html class="default" lang="en"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="IE=edge"/><title>cspJSON | @jackdbd/content-security-policy</title><meta name="description" content="Documentation for @jackdbd/content-security-policy"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="../assets/style.css"/><link rel="stylesheet" href="../assets/highlight.css"/><script async src="../assets/search.js" id="search-script"></script></head><body><script>document.documentElement.dataset.theme = localStorage.getItem("tsd-theme") || "os"</script><header class="tsd-page-toolbar">
+<div class="tsd-toolbar-contents container">
+<div class="table-cell" id="tsd-search" data-base="..">
+<div class="field"><label for="tsd-search-field" class="tsd-widget search no-caption"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M15.7824 13.833L12.6666 10.7177C12.5259 10.5771 12.3353 10.499 12.1353 10.499H11.6259C12.4884 9.39596 13.001 8.00859 13.001 6.49937C13.001 2.90909 10.0914 0 6.50048 0C2.90959 0 0 2.90909 0 6.49937C0 10.0896 2.90959 12.9987 6.50048 12.9987C8.00996 12.9987 9.39756 12.4863 10.5008 11.6239V12.1332C10.5008 12.3332 10.5789 12.5238 10.7195 12.6644L13.8354 15.7797C14.1292 16.0734 14.6042 16.0734 14.8948 15.7797L15.7793 14.8954C16.0731 14.6017 16.0731 14.1267 15.7824 13.833ZM6.50048 10.499C4.29094 10.499 2.50018 8.71165 2.50018 6.49937C2.50018 4.29021 4.28781 2.49976 6.50048 2.49976C8.71001 2.49976 10.5008 4.28708 10.5008 6.49937C10.5008 8.70852 8.71314 10.499 6.50048 10.499Z" fill="var(--color-text)"></path></svg></label><input type="text" id="tsd-search-field" aria-label="Search"/></div>
+<ul class="results">
+<li class="state loading">Preparing search index...</li>
+<li class="state failure">The search index is not available</li></ul><a href="../index.html" class="title">@jackdbd/content-security-policy</a></div>
+<div class="table-cell" id="tsd-widgets"><a href="#" class="tsd-widget menu no-caption" data-toggle="menu" aria-label="Menu"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><rect x="1" y="3" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="7" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="11" width="14" height="2" fill="var(--color-text)"></rect></svg></a></div></div></header>
+<div class="container container-main">
+<div class="col-8 col-content">
+<div class="tsd-page-title">
+<ul class="tsd-breadcrumb">
+<li><a href="../modules.html">@jackdbd/content-security-policy</a></li>
+<li><a href="cspJSON.html">cspJSON</a></li></ul>
+<h1>Function cspJSON</h1></div>
+<section class="tsd-panel">
+<ul class="tsd-signatures tsd-kind-function">
+<li class="tsd-signature tsd-anchor-link" id="cspJSON">cspJSON<span class="tsd-signature-symbol">(</span>__namedParameters<span class="tsd-signature-symbol">: </span><a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a><span class="tsd-signature-symbol">)</span><span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-symbol">{}</span><span class="tsd-signature-symbol">&gt;</span><a href="#cspJSON" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none" id="icon-anchor-a"></path><path d="M10 14a3.5 3.5 0 0 0 5 0l4 -4a3.5 3.5 0 0 0 -5 -5l-.5 .5" id="icon-anchor-b"></path><path d="M14 10a3.5 3.5 0 0 0 -5 0l-4 4a3.5 3.5 0 0 0 5 5l.5 -.5" id="icon-anchor-c"></path></svg></a></li>
+<li class="tsd-description">
+<div class="tsd-parameters">
+<h4 class="tsd-parameters-title">Parameters</h4>
+<ul class="tsd-parameter-list">
+<li>
+<h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
+<h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-symbol">{}</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
+<ul>
+<li>Defined in csp-directives.ts:119</li></ul></aside></li></ul></section></div>
+<div class="col-4 col-menu menu-sticky-wrap menu-highlight">
+<div class="tsd-navigation settings">
+<details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Settings</h3></summary>
+<div class="tsd-accordion-details">
+<div class="tsd-filter-visibility">
+<h4 class="uppercase">Member Visibility</h4><form>
+<ul id="tsd-filter-options">
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-protected" name="protected"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Protected</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-inherited" name="inherited" checked/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Inherited</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-external" name="external"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>External</span></label></li></ul></form></div>
+<div class="tsd-theme-toggle">
+<h4 class="uppercase">Theme</h4><select id="theme"><option value="os">OS</option><option value="light">Light</option><option value="dark">Dark</option></select></div></div></details></div>
+<nav class="tsd-navigation primary">
+<details class="tsd-index-accordion" open><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Modules</h3></summary>
+<div class="tsd-accordion-details">
+<ul>
+<li><a href="../modules.html">@jackdbd/content-<wbr/>security-<wbr/>policy</a>
+<ul></ul></li></ul></div></details></nav>
+<nav class="tsd-navigation secondary menu-sticky">
+<ul>
+<li class="tsd-kind-interface"><a href="../interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-variable"><a href="../variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
+<li class="tsd-kind-variable"><a href="../variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
+<li class="tsd-kind-function"><a href="cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
+<li class="tsd-kind-function"><a href="cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
+<li class="current tsd-kind-function"><a href="cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<div class="container tsd-generator">
+<p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
+<div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/index.html b/docs/content-security-policy/index.html
new file mode 100644
index 00000000..83a0500a
--- /dev/null
+++ b/docs/content-security-policy/index.html
@@ -0,0 +1,74 @@
+<!DOCTYPE html><html class="default" lang="en"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="IE=edge"/><title>@jackdbd/content-security-policy</title><meta name="description" content="Documentation for @jackdbd/content-security-policy"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="assets/style.css"/><link rel="stylesheet" href="assets/highlight.css"/><script async src="assets/search.js" id="search-script"></script></head><body><script>document.documentElement.dataset.theme = localStorage.getItem("tsd-theme") || "os"</script><header class="tsd-page-toolbar">
+<div class="tsd-toolbar-contents container">
+<div class="table-cell" id="tsd-search" data-base=".">
+<div class="field"><label for="tsd-search-field" class="tsd-widget search no-caption"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M15.7824 13.833L12.6666 10.7177C12.5259 10.5771 12.3353 10.499 12.1353 10.499H11.6259C12.4884 9.39596 13.001 8.00859 13.001 6.49937C13.001 2.90909 10.0914 0 6.50048 0C2.90959 0 0 2.90909 0 6.49937C0 10.0896 2.90959 12.9987 6.50048 12.9987C8.00996 12.9987 9.39756 12.4863 10.5008 11.6239V12.1332C10.5008 12.3332 10.5789 12.5238 10.7195 12.6644L13.8354 15.7797C14.1292 16.0734 14.6042 16.0734 14.8948 15.7797L15.7793 14.8954C16.0731 14.6017 16.0731 14.1267 15.7824 13.833ZM6.50048 10.499C4.29094 10.499 2.50018 8.71165 2.50018 6.49937C2.50018 4.29021 4.28781 2.49976 6.50048 2.49976C8.71001 2.49976 10.5008 4.28708 10.5008 6.49937C10.5008 8.70852 8.71314 10.499 6.50048 10.499Z" fill="var(--color-text)"></path></svg></label><input type="text" id="tsd-search-field" aria-label="Search"/></div>
+<ul class="results">
+<li class="state loading">Preparing search index...</li>
+<li class="state failure">The search index is not available</li></ul><a href="index.html" class="title">@jackdbd/content-security-policy</a></div>
+<div class="table-cell" id="tsd-widgets"><a href="#" class="tsd-widget menu no-caption" data-toggle="menu" aria-label="Menu"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><rect x="1" y="3" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="7" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="11" width="14" height="2" fill="var(--color-text)"></rect></svg></a></div></div></header>
+<div class="container container-main">
+<div class="col-8 col-content">
+<div class="tsd-page-title">
+<h2>@jackdbd/content-security-policy</h2></div>
+<div class="tsd-panel tsd-typography">
+<a href="#jackdbdcontent-security-policy" id="jackdbdcontent-security-policy" style="color: inherit; text-decoration: none;">
+  <h1>@jackdbd/content-security-policy</h1>
+</a>
+<p><a href="https://badge.fury.io/js/@jackdbd%2Fcontent-security-policy"><img src="https://badge.fury.io/js/@jackdbd%2Fcontent-security-policy.svg" alt="npm version"></a>
+<img src="https://img.shields.io/snyk/vulnerabilities/npm/@jackdbd%2Fcontent-security-policy" alt="Snyk Vulnerabilities for npm package"></p>
+<p>Description...</p>
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+<details><summary>Table of Contents</summary>
+
+<ul>
+<li><a href="#installation">Installation</a></li>
+<li><a href="#api">API</a></li>
+</ul>
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
+</details>
+
+
+<a href="#installation" id="installation" style="color: inherit; text-decoration: none;">
+  <h2>Installation</h2>
+</a>
+<pre><code class="language-sh"><span class="hl-0">npm install @jackdbd/content-security-policy</span>
+</code></pre>
+
+<a href="#api" id="api" style="color: inherit; text-decoration: none;">
+  <h2>API</h2>
+</a>
+<p><a href="https://jackdbd.github.io/calderone/content-security-policy/">API docs generated with TypeDoc</a></p>
+</div></div>
+<div class="col-4 col-menu menu-sticky-wrap menu-highlight">
+<div class="tsd-navigation settings">
+<details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Settings</h3></summary>
+<div class="tsd-accordion-details">
+<div class="tsd-filter-visibility">
+<h4 class="uppercase">Member Visibility</h4><form>
+<ul id="tsd-filter-options">
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-protected" name="protected"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Protected</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-inherited" name="inherited" checked/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Inherited</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-external" name="external"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>External</span></label></li></ul></form></div>
+<div class="tsd-theme-toggle">
+<h4 class="uppercase">Theme</h4><select id="theme"><option value="os">OS</option><option value="light">Light</option><option value="dark">Dark</option></select></div></div></details></div>
+<nav class="tsd-navigation primary">
+<details class="tsd-index-accordion" open><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Modules</h3></summary>
+<div class="tsd-accordion-details">
+<ul>
+<li class="current selected"><a href="modules.html">@jackdbd/content-<wbr/>security-<wbr/>policy</a>
+<ul></ul></li></ul></div></details></nav>
+<nav class="tsd-navigation secondary menu-sticky">
+<ul>
+<li class="tsd-kind-interface"><a href="interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
+<li class="tsd-kind-interface"><a href="interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-variable"><a href="variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
+<li class="tsd-kind-variable"><a href="variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
+<li class="tsd-kind-function"><a href="functions/cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
+<li class="tsd-kind-function"><a href="functions/cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
+<li class="tsd-kind-function"><a href="functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<div class="container tsd-generator">
+<p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
+<div class="overlay"></div><script src="assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/interfaces/Config.html b/docs/content-security-policy/interfaces/Config.html
new file mode 100644
index 00000000..51bedd63
--- /dev/null
+++ b/docs/content-security-policy/interfaces/Config.html
@@ -0,0 +1,72 @@
+<!DOCTYPE html><html class="default" lang="en"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="IE=edge"/><title>Config | @jackdbd/content-security-policy</title><meta name="description" content="Documentation for @jackdbd/content-security-policy"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="../assets/style.css"/><link rel="stylesheet" href="../assets/highlight.css"/><script async src="../assets/search.js" id="search-script"></script></head><body><script>document.documentElement.dataset.theme = localStorage.getItem("tsd-theme") || "os"</script><header class="tsd-page-toolbar">
+<div class="tsd-toolbar-contents container">
+<div class="table-cell" id="tsd-search" data-base="..">
+<div class="field"><label for="tsd-search-field" class="tsd-widget search no-caption"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M15.7824 13.833L12.6666 10.7177C12.5259 10.5771 12.3353 10.499 12.1353 10.499H11.6259C12.4884 9.39596 13.001 8.00859 13.001 6.49937C13.001 2.90909 10.0914 0 6.50048 0C2.90959 0 0 2.90909 0 6.49937C0 10.0896 2.90959 12.9987 6.50048 12.9987C8.00996 12.9987 9.39756 12.4863 10.5008 11.6239V12.1332C10.5008 12.3332 10.5789 12.5238 10.7195 12.6644L13.8354 15.7797C14.1292 16.0734 14.6042 16.0734 14.8948 15.7797L15.7793 14.8954C16.0731 14.6017 16.0731 14.1267 15.7824 13.833ZM6.50048 10.499C4.29094 10.499 2.50018 8.71165 2.50018 6.49937C2.50018 4.29021 4.28781 2.49976 6.50048 2.49976C8.71001 2.49976 10.5008 4.28708 10.5008 6.49937C10.5008 8.70852 8.71314 10.499 6.50048 10.499Z" fill="var(--color-text)"></path></svg></label><input type="text" id="tsd-search-field" aria-label="Search"/></div>
+<ul class="results">
+<li class="state loading">Preparing search index...</li>
+<li class="state failure">The search index is not available</li></ul><a href="../index.html" class="title">@jackdbd/content-security-policy</a></div>
+<div class="table-cell" id="tsd-widgets"><a href="#" class="tsd-widget menu no-caption" data-toggle="menu" aria-label="Menu"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><rect x="1" y="3" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="7" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="11" width="14" height="2" fill="var(--color-text)"></rect></svg></a></div></div></header>
+<div class="container container-main">
+<div class="col-8 col-content">
+<div class="tsd-page-title">
+<ul class="tsd-breadcrumb">
+<li><a href="../modules.html">@jackdbd/content-security-policy</a></li>
+<li><a href="Config.html">Config</a></li></ul>
+<h1>Interface Config</h1></div>
+<section class="tsd-panel tsd-hierarchy">
+<h4>Hierarchy</h4>
+<ul class="tsd-hierarchy">
+<li><span class="target">Config</span></li></ul></section><aside class="tsd-sources">
+<ul>
+<li>Defined in csp-directives.ts:16</li></ul></aside>
+<section class="tsd-panel-group tsd-index-group">
+<section class="tsd-panel tsd-index-panel">
+<details class="tsd-index-content tsd-index-accordion" open><summary class="tsd-accordion-summary tsd-index-summary">
+<h5 class="tsd-index-heading uppercase" role="button" aria-expanded="false" tabIndex=0><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M1.5 5.50969L8 11.6609L14.5 5.50969L12.5466 3.66086L8 7.96494L3.45341 3.66086L1.5 5.50969Z" fill="var(--color-text)"></path></svg> Index</h5></summary>
+<div class="tsd-accordion-details">
+<section class="tsd-index-section">
+<h3 class="tsd-index-heading">Properties</h3>
+<div class="tsd-index-list"><a href="Config.html#directives" class="tsd-index-link tsd-kind-property tsd-parent-kind-interface"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="#FF984D" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="12" id="icon-1024-path"></rect><path d="M9.354 16V7.24H12.174C12.99 7.24 13.638 7.476 14.118 7.948C14.606 8.412 14.85 9.036 14.85 9.82C14.85 10.604 14.606 11.232 14.118 11.704C13.638 12.168 12.99 12.4 12.174 12.4H10.434V16H9.354ZM10.434 11.428H12.174C12.646 11.428 13.022 11.284 13.302 10.996C13.59 10.7 13.734 10.308 13.734 9.82C13.734 9.324 13.59 8.932 13.302 8.644C13.022 8.356 12.646 8.212 12.174 8.212H10.434V11.428Z" fill="var(--color-text)" id="icon-1024-text"></path></svg><span>directives</span></a>
+<a href="Config.html#patterns" class="tsd-index-link tsd-kind-property tsd-parent-kind-interface"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-1024-path"></use><use href="#icon-1024-text"></use></svg><span>patterns</span></a>
+</div></section></div></details></section></section>
+<section class="tsd-panel-group tsd-member-group">
+<h2>Properties</h2>
+<section class="tsd-panel tsd-member tsd-kind-property tsd-parent-kind-interface"><a id="directives" class="tsd-anchor"></a>
+<h3 class="tsd-anchor-link"><span>directives</span><a href="#directives" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none" id="icon-anchor-a"></path><path d="M10 14a3.5 3.5 0 0 0 5 0l4 -4a3.5 3.5 0 0 0 -5 -5l-.5 .5" id="icon-anchor-b"></path><path d="M14 10a3.5 3.5 0 0 0 -5 0l-4 4a3.5 3.5 0 0 0 5 5l.5 -.5" id="icon-anchor-c"></path></svg></a></h3>
+<div class="tsd-signature">directives<span class="tsd-signature-symbol">:</span> <a href="Directives.html" class="tsd-signature-type" data-tsd-kind="Interface">Directives</a></div><aside class="tsd-sources">
+<ul>
+<li>Defined in csp-directives.ts:17</li></ul></aside></section>
+<section class="tsd-panel tsd-member tsd-kind-property tsd-parent-kind-interface"><a id="patterns" class="tsd-anchor"></a>
+<h3 class="tsd-anchor-link"><span>patterns</span><a href="#patterns" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><use href="#icon-anchor-a"></use><use href="#icon-anchor-b"></use><use href="#icon-anchor-c"></use></svg></a></h3>
+<div class="tsd-signature">patterns<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></div><aside class="tsd-sources">
+<ul>
+<li>Defined in csp-directives.ts:18</li></ul></aside></section></section></div>
+<div class="col-4 col-menu menu-sticky-wrap menu-highlight">
+<div class="tsd-navigation settings">
+<details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Settings</h3></summary>
+<div class="tsd-accordion-details">
+<div class="tsd-filter-visibility">
+<h4 class="uppercase">Member Visibility</h4><form>
+<ul id="tsd-filter-options">
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-protected" name="protected"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Protected</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-inherited" name="inherited" checked/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Inherited</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-external" name="external"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>External</span></label></li></ul></form></div>
+<div class="tsd-theme-toggle">
+<h4 class="uppercase">Theme</h4><select id="theme"><option value="os">OS</option><option value="light">Light</option><option value="dark">Dark</option></select></div></div></details></div>
+<nav class="tsd-navigation primary">
+<details class="tsd-index-accordion" open><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Modules</h3></summary>
+<div class="tsd-accordion-details">
+<ul>
+<li><a href="../modules.html">@jackdbd/content-<wbr/>security-<wbr/>policy</a>
+<ul></ul></li></ul></div></details></nav>
+<nav class="tsd-navigation secondary menu-sticky">
+<ul>
+<li class="current tsd-kind-interface"><a href="Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg><span>Config</span></a>
+<ul>
+<li class="tsd-kind-property tsd-parent-kind-interface"><a href="Config.html#directives" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-1024-path"></use><use href="#icon-1024-text"></use></svg>directives</a></li>
+<li class="tsd-kind-property tsd-parent-kind-interface"><a href="Config.html#patterns" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-1024-path"></use><use href="#icon-1024-text"></use></svg>patterns</a></li></ul></li></ul></nav></div></div>
+<div class="container tsd-generator">
+<p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
+<div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/interfaces/Directives.html b/docs/content-security-policy/interfaces/Directives.html
new file mode 100644
index 00000000..2a82991e
--- /dev/null
+++ b/docs/content-security-policy/interfaces/Directives.html
@@ -0,0 +1,56 @@
+<!DOCTYPE html><html class="default" lang="en"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="IE=edge"/><title>Directives | @jackdbd/content-security-policy</title><meta name="description" content="Documentation for @jackdbd/content-security-policy"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="../assets/style.css"/><link rel="stylesheet" href="../assets/highlight.css"/><script async src="../assets/search.js" id="search-script"></script></head><body><script>document.documentElement.dataset.theme = localStorage.getItem("tsd-theme") || "os"</script><header class="tsd-page-toolbar">
+<div class="tsd-toolbar-contents container">
+<div class="table-cell" id="tsd-search" data-base="..">
+<div class="field"><label for="tsd-search-field" class="tsd-widget search no-caption"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M15.7824 13.833L12.6666 10.7177C12.5259 10.5771 12.3353 10.499 12.1353 10.499H11.6259C12.4884 9.39596 13.001 8.00859 13.001 6.49937C13.001 2.90909 10.0914 0 6.50048 0C2.90959 0 0 2.90909 0 6.49937C0 10.0896 2.90959 12.9987 6.50048 12.9987C8.00996 12.9987 9.39756 12.4863 10.5008 11.6239V12.1332C10.5008 12.3332 10.5789 12.5238 10.7195 12.6644L13.8354 15.7797C14.1292 16.0734 14.6042 16.0734 14.8948 15.7797L15.7793 14.8954C16.0731 14.6017 16.0731 14.1267 15.7824 13.833ZM6.50048 10.499C4.29094 10.499 2.50018 8.71165 2.50018 6.49937C2.50018 4.29021 4.28781 2.49976 6.50048 2.49976C8.71001 2.49976 10.5008 4.28708 10.5008 6.49937C10.5008 8.70852 8.71314 10.499 6.50048 10.499Z" fill="var(--color-text)"></path></svg></label><input type="text" id="tsd-search-field" aria-label="Search"/></div>
+<ul class="results">
+<li class="state loading">Preparing search index...</li>
+<li class="state failure">The search index is not available</li></ul><a href="../index.html" class="title">@jackdbd/content-security-policy</a></div>
+<div class="table-cell" id="tsd-widgets"><a href="#" class="tsd-widget menu no-caption" data-toggle="menu" aria-label="Menu"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><rect x="1" y="3" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="7" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="11" width="14" height="2" fill="var(--color-text)"></rect></svg></a></div></div></header>
+<div class="container container-main">
+<div class="col-8 col-content">
+<div class="tsd-page-title">
+<ul class="tsd-breadcrumb">
+<li><a href="../modules.html">@jackdbd/content-security-policy</a></li>
+<li><a href="Directives.html">Directives</a></li></ul>
+<h1>Interface Directives</h1></div>
+<section class="tsd-panel tsd-hierarchy">
+<h4>Hierarchy</h4>
+<ul class="tsd-hierarchy">
+<li><span class="target">Directives</span></li></ul></section>
+<section class="tsd-panel tsd-kind-interface">
+<h4 class="tsd-before-signature">Indexable</h4>
+<div class="tsd-signature"><span class="tsd-signature-symbol">[</span>k: <span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">]: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></div></section><aside class="tsd-sources">
+<ul>
+<li>Defined in directives.ts:90</li></ul></aside></div>
+<div class="col-4 col-menu menu-sticky-wrap menu-highlight">
+<div class="tsd-navigation settings">
+<details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Settings</h3></summary>
+<div class="tsd-accordion-details">
+<div class="tsd-filter-visibility">
+<h4 class="uppercase">Member Visibility</h4><form>
+<ul id="tsd-filter-options">
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-protected" name="protected"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Protected</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-inherited" name="inherited" checked/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Inherited</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-external" name="external"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>External</span></label></li></ul></form></div>
+<div class="tsd-theme-toggle">
+<h4 class="uppercase">Theme</h4><select id="theme"><option value="os">OS</option><option value="light">Light</option><option value="dark">Dark</option></select></div></div></details></div>
+<nav class="tsd-navigation primary">
+<details class="tsd-index-accordion" open><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Modules</h3></summary>
+<div class="tsd-accordion-details">
+<ul>
+<li><a href="../modules.html">@jackdbd/content-<wbr/>security-<wbr/>policy</a>
+<ul></ul></li></ul></div></details></nav>
+<nav class="tsd-navigation secondary menu-sticky">
+<ul>
+<li class="tsd-kind-interface"><a href="Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
+<li class="current tsd-kind-interface"><a href="Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-variable"><a href="../variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
+<li class="tsd-kind-variable"><a href="../variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
+<li class="tsd-kind-function"><a href="../functions/cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
+<li class="tsd-kind-function"><a href="../functions/cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
+<li class="tsd-kind-function"><a href="../functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<div class="container tsd-generator">
+<p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
+<div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/modules.html b/docs/content-security-policy/modules.html
new file mode 100644
index 00000000..99b31900
--- /dev/null
+++ b/docs/content-security-policy/modules.html
@@ -0,0 +1,66 @@
+<!DOCTYPE html><html class="default" lang="en"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="IE=edge"/><title>@jackdbd/content-security-policy</title><meta name="description" content="Documentation for @jackdbd/content-security-policy"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="assets/style.css"/><link rel="stylesheet" href="assets/highlight.css"/><script async src="assets/search.js" id="search-script"></script></head><body><script>document.documentElement.dataset.theme = localStorage.getItem("tsd-theme") || "os"</script><header class="tsd-page-toolbar">
+<div class="tsd-toolbar-contents container">
+<div class="table-cell" id="tsd-search" data-base=".">
+<div class="field"><label for="tsd-search-field" class="tsd-widget search no-caption"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M15.7824 13.833L12.6666 10.7177C12.5259 10.5771 12.3353 10.499 12.1353 10.499H11.6259C12.4884 9.39596 13.001 8.00859 13.001 6.49937C13.001 2.90909 10.0914 0 6.50048 0C2.90959 0 0 2.90909 0 6.49937C0 10.0896 2.90959 12.9987 6.50048 12.9987C8.00996 12.9987 9.39756 12.4863 10.5008 11.6239V12.1332C10.5008 12.3332 10.5789 12.5238 10.7195 12.6644L13.8354 15.7797C14.1292 16.0734 14.6042 16.0734 14.8948 15.7797L15.7793 14.8954C16.0731 14.6017 16.0731 14.1267 15.7824 13.833ZM6.50048 10.499C4.29094 10.499 2.50018 8.71165 2.50018 6.49937C2.50018 4.29021 4.28781 2.49976 6.50048 2.49976C8.71001 2.49976 10.5008 4.28708 10.5008 6.49937C10.5008 8.70852 8.71314 10.499 6.50048 10.499Z" fill="var(--color-text)"></path></svg></label><input type="text" id="tsd-search-field" aria-label="Search"/></div>
+<ul class="results">
+<li class="state loading">Preparing search index...</li>
+<li class="state failure">The search index is not available</li></ul><a href="index.html" class="title">@jackdbd/content-security-policy</a></div>
+<div class="table-cell" id="tsd-widgets"><a href="#" class="tsd-widget menu no-caption" data-toggle="menu" aria-label="Menu"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><rect x="1" y="3" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="7" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="11" width="14" height="2" fill="var(--color-text)"></rect></svg></a></div></div></header>
+<div class="container container-main">
+<div class="col-8 col-content">
+<div class="tsd-page-title">
+<h2>@jackdbd/content-security-policy</h2></div>
+<section class="tsd-panel tsd-comment">
+<div class="tsd-comment tsd-typography"><p>Entry point for the documentation of content-security-policy.</p>
+</div></section>
+<section class="tsd-panel-group tsd-index-group">
+<section class="tsd-panel tsd-index-panel">
+<h3 class="tsd-index-heading uppercase">Index</h3>
+<section class="tsd-index-section">
+<h3 class="tsd-index-heading">Interfaces</h3>
+<div class="tsd-index-list"><a href="interfaces/Config.html" class="tsd-index-link tsd-kind-interface"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg><span>Config</span></a>
+<a href="interfaces/Directives.html" class="tsd-index-link tsd-kind-interface"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg><span>Directives</span></a>
+</div></section>
+<section class="tsd-index-section">
+<h3 class="tsd-index-heading">Variables</h3>
+<div class="tsd-index-list"><a href="variables/recommended_policy.html" class="tsd-index-link tsd-kind-variable"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg><span>recommended_<wbr/>policy</span></a>
+<a href="variables/starter_policy.html" class="tsd-index-link tsd-kind-variable"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg><span>starter_<wbr/>policy</span></a>
+</div></section>
+<section class="tsd-index-section">
+<h3 class="tsd-index-heading">Functions</h3>
+<div class="tsd-index-list"><a href="functions/cspDirectives.html" class="tsd-index-link tsd-kind-function"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg><span>csp<wbr/>Directives</span></a>
+<a href="functions/cspHeader.html" class="tsd-index-link tsd-kind-function"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg><span>csp<wbr/>Header</span></a>
+<a href="functions/cspJSON.html" class="tsd-index-link tsd-kind-function"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg><span>cspJSON</span></a>
+</div></section></section></section></div>
+<div class="col-4 col-menu menu-sticky-wrap menu-highlight">
+<div class="tsd-navigation settings">
+<details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Settings</h3></summary>
+<div class="tsd-accordion-details">
+<div class="tsd-filter-visibility">
+<h4 class="uppercase">Member Visibility</h4><form>
+<ul id="tsd-filter-options">
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-protected" name="protected"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Protected</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-inherited" name="inherited" checked/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Inherited</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-external" name="external"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>External</span></label></li></ul></form></div>
+<div class="tsd-theme-toggle">
+<h4 class="uppercase">Theme</h4><select id="theme"><option value="os">OS</option><option value="light">Light</option><option value="dark">Dark</option></select></div></div></details></div>
+<nav class="tsd-navigation primary">
+<details class="tsd-index-accordion" open><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Modules</h3></summary>
+<div class="tsd-accordion-details">
+<ul>
+<li class="current selected"><a href="modules.html">@jackdbd/content-<wbr/>security-<wbr/>policy</a>
+<ul></ul></li></ul></div></details></nav>
+<nav class="tsd-navigation secondary menu-sticky">
+<ul>
+<li class="tsd-kind-interface"><a href="interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Config</a></li>
+<li class="tsd-kind-interface"><a href="interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-variable"><a href="variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>recommended_<wbr/>policy</a></li>
+<li class="tsd-kind-variable"><a href="variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
+<li class="tsd-kind-function"><a href="functions/cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Directives</a></li>
+<li class="tsd-kind-function"><a href="functions/cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
+<li class="tsd-kind-function"><a href="functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<div class="container tsd-generator">
+<p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
+<div class="overlay"></div><script src="assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/variables/recommended_policy.html b/docs/content-security-policy/variables/recommended_policy.html
new file mode 100644
index 00000000..68b8a266
--- /dev/null
+++ b/docs/content-security-policy/variables/recommended_policy.html
@@ -0,0 +1,94 @@
+<!DOCTYPE html><html class="default" lang="en"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="IE=edge"/><title>recommended_policy | @jackdbd/content-security-policy</title><meta name="description" content="Documentation for @jackdbd/content-security-policy"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="../assets/style.css"/><link rel="stylesheet" href="../assets/highlight.css"/><script async src="../assets/search.js" id="search-script"></script></head><body><script>document.documentElement.dataset.theme = localStorage.getItem("tsd-theme") || "os"</script><header class="tsd-page-toolbar">
+<div class="tsd-toolbar-contents container">
+<div class="table-cell" id="tsd-search" data-base="..">
+<div class="field"><label for="tsd-search-field" class="tsd-widget search no-caption"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M15.7824 13.833L12.6666 10.7177C12.5259 10.5771 12.3353 10.499 12.1353 10.499H11.6259C12.4884 9.39596 13.001 8.00859 13.001 6.49937C13.001 2.90909 10.0914 0 6.50048 0C2.90959 0 0 2.90909 0 6.49937C0 10.0896 2.90959 12.9987 6.50048 12.9987C8.00996 12.9987 9.39756 12.4863 10.5008 11.6239V12.1332C10.5008 12.3332 10.5789 12.5238 10.7195 12.6644L13.8354 15.7797C14.1292 16.0734 14.6042 16.0734 14.8948 15.7797L15.7793 14.8954C16.0731 14.6017 16.0731 14.1267 15.7824 13.833ZM6.50048 10.499C4.29094 10.499 2.50018 8.71165 2.50018 6.49937C2.50018 4.29021 4.28781 2.49976 6.50048 2.49976C8.71001 2.49976 10.5008 4.28708 10.5008 6.49937C10.5008 8.70852 8.71314 10.499 6.50048 10.499Z" fill="var(--color-text)"></path></svg></label><input type="text" id="tsd-search-field" aria-label="Search"/></div>
+<ul class="results">
+<li class="state loading">Preparing search index...</li>
+<li class="state failure">The search index is not available</li></ul><a href="../index.html" class="title">@jackdbd/content-security-policy</a></div>
+<div class="table-cell" id="tsd-widgets"><a href="#" class="tsd-widget menu no-caption" data-toggle="menu" aria-label="Menu"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><rect x="1" y="3" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="7" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="11" width="14" height="2" fill="var(--color-text)"></rect></svg></a></div></div></header>
+<div class="container container-main">
+<div class="col-8 col-content">
+<div class="tsd-page-title">
+<ul class="tsd-breadcrumb">
+<li><a href="../modules.html">@jackdbd/content-security-policy</a></li>
+<li><a href="recommended_policy.html">recommended_policy</a></li></ul>
+<h1>Variable recommended_policy<code class="tsd-tag ts-flagConst">Const</code> </h1></div>
+<div class="tsd-signature">recommended_<wbr/>policy<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-symbol">{ </span>base-uri<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>connect-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>default-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>font-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>form-action<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>frame-ancestors<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>img-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>manifest-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>object-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>prefetch-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>script-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>style-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>upgrade-insecure-requests<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">boolean</span><span class="tsd-signature-symbol"> }</span><span class="tsd-signature-symbol"> = ...</span></div>
+<div class="tsd-comment tsd-typography"><p>Recommended policy for most sites.</p>
+<p>Differences with the standard policy are the following ones:</p>
+<ul>
+<li>font-src is set to &#39;self&#39;, to allow self-hosted fonts</li>
+<li>frame-ancestors is set to &#39;none&#39;</li>
+<li>manifest-src is set to &#39;self&#39;, to allow a self-hosted web application
+manifest,so the website can be installed as Progressive Web App.
+Learn more: <a href="https://developer.mozilla.org/en-US/docs/Web/Manifest">https://developer.mozilla.org/en-US/docs/Web/Manifest</a></li>
+<li>object-src is set to &#39;none&#39; as recommended here: <a href="https://csp.withgoogle.com/docs/strict-csp.html">https://csp.withgoogle.com/docs/strict-csp.html</a></li>
+<li>prefetch-src is set to &#39;self, to allow prefetching content hosted on this origin</li>
+<li>upgrade-insecure-requests is set to true, even if I am not sure it&#39;s
+really necessary, since it does NOT replace HSTS.
+Learn more: <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests">https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests</a></li>
+</ul>
+</div>
+<div class="tsd-type-declaration">
+<h4>Type declaration</h4>
+<ul class="tsd-parameters">
+<li class="tsd-parameter">
+<h5>base-<wbr/>uri<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>connect-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>default-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>font-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>form-<wbr/>action<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>frame-<wbr/>ancestors<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>img-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>manifest-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>object-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>prefetch-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>script-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>style-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>upgrade-<wbr/>insecure-<wbr/>requests<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">boolean</span></h5></li></ul></div><aside class="tsd-sources">
+<ul>
+<li>Defined in policies.ts:30</li></ul></aside></div>
+<div class="col-4 col-menu menu-sticky-wrap menu-highlight">
+<div class="tsd-navigation settings">
+<details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Settings</h3></summary>
+<div class="tsd-accordion-details">
+<div class="tsd-filter-visibility">
+<h4 class="uppercase">Member Visibility</h4><form>
+<ul id="tsd-filter-options">
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-protected" name="protected"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Protected</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-inherited" name="inherited" checked/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Inherited</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-external" name="external"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>External</span></label></li></ul></form></div>
+<div class="tsd-theme-toggle">
+<h4 class="uppercase">Theme</h4><select id="theme"><option value="os">OS</option><option value="light">Light</option><option value="dark">Dark</option></select></div></div></details></div>
+<nav class="tsd-navigation primary">
+<details class="tsd-index-accordion" open><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Modules</h3></summary>
+<div class="tsd-accordion-details">
+<ul>
+<li><a href="../modules.html">@jackdbd/content-<wbr/>security-<wbr/>policy</a>
+<ul></ul></li></ul></div></details></nav>
+<nav class="tsd-navigation secondary menu-sticky">
+<ul>
+<li class="tsd-kind-interface"><a href="../interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="current tsd-kind-variable"><a href="recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
+<li class="tsd-kind-variable"><a href="starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
+<li class="tsd-kind-function"><a href="../functions/cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
+<li class="tsd-kind-function"><a href="../functions/cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
+<li class="tsd-kind-function"><a href="../functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<div class="container tsd-generator">
+<p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
+<div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/variables/starter_policy.html b/docs/content-security-policy/variables/starter_policy.html
new file mode 100644
index 00000000..6ff23928
--- /dev/null
+++ b/docs/content-security-policy/variables/starter_policy.html
@@ -0,0 +1,70 @@
+<!DOCTYPE html><html class="default" lang="en"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="IE=edge"/><title>starter_policy | @jackdbd/content-security-policy</title><meta name="description" content="Documentation for @jackdbd/content-security-policy"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="../assets/style.css"/><link rel="stylesheet" href="../assets/highlight.css"/><script async src="../assets/search.js" id="search-script"></script></head><body><script>document.documentElement.dataset.theme = localStorage.getItem("tsd-theme") || "os"</script><header class="tsd-page-toolbar">
+<div class="tsd-toolbar-contents container">
+<div class="table-cell" id="tsd-search" data-base="..">
+<div class="field"><label for="tsd-search-field" class="tsd-widget search no-caption"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M15.7824 13.833L12.6666 10.7177C12.5259 10.5771 12.3353 10.499 12.1353 10.499H11.6259C12.4884 9.39596 13.001 8.00859 13.001 6.49937C13.001 2.90909 10.0914 0 6.50048 0C2.90959 0 0 2.90909 0 6.49937C0 10.0896 2.90959 12.9987 6.50048 12.9987C8.00996 12.9987 9.39756 12.4863 10.5008 11.6239V12.1332C10.5008 12.3332 10.5789 12.5238 10.7195 12.6644L13.8354 15.7797C14.1292 16.0734 14.6042 16.0734 14.8948 15.7797L15.7793 14.8954C16.0731 14.6017 16.0731 14.1267 15.7824 13.833ZM6.50048 10.499C4.29094 10.499 2.50018 8.71165 2.50018 6.49937C2.50018 4.29021 4.28781 2.49976 6.50048 2.49976C8.71001 2.49976 10.5008 4.28708 10.5008 6.49937C10.5008 8.70852 8.71314 10.499 6.50048 10.499Z" fill="var(--color-text)"></path></svg></label><input type="text" id="tsd-search-field" aria-label="Search"/></div>
+<ul class="results">
+<li class="state loading">Preparing search index...</li>
+<li class="state failure">The search index is not available</li></ul><a href="../index.html" class="title">@jackdbd/content-security-policy</a></div>
+<div class="table-cell" id="tsd-widgets"><a href="#" class="tsd-widget menu no-caption" data-toggle="menu" aria-label="Menu"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><rect x="1" y="3" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="7" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="11" width="14" height="2" fill="var(--color-text)"></rect></svg></a></div></div></header>
+<div class="container container-main">
+<div class="col-8 col-content">
+<div class="tsd-page-title">
+<ul class="tsd-breadcrumb">
+<li><a href="../modules.html">@jackdbd/content-security-policy</a></li>
+<li><a href="starter_policy.html">starter_policy</a></li></ul>
+<h1>Variable starter_policy<code class="tsd-tag ts-flagConst">Const</code> </h1></div>
+<div class="tsd-signature">starter_<wbr/>policy<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-symbol">{ </span>base-uri<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>connect-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>default-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>form-action<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>img-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>script-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">; </span>style-src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol"> }</span><span class="tsd-signature-symbol"> = ...</span></div>
+<div class="tsd-comment tsd-typography"><p>This is the starter policy described here:
+<a href="https://content-security-policy.com/">https://content-security-policy.com/</a></p>
+</div>
+<div class="tsd-type-declaration">
+<h4>Type declaration</h4>
+<ul class="tsd-parameters">
+<li class="tsd-parameter">
+<h5>base-<wbr/>uri<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>connect-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>default-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>form-<wbr/>action<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>img-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>script-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li>
+<li class="tsd-parameter">
+<h5>style-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li></ul></div><aside class="tsd-sources">
+<ul>
+<li>Defined in policies.ts:5</li></ul></aside></div>
+<div class="col-4 col-menu menu-sticky-wrap menu-highlight">
+<div class="tsd-navigation settings">
+<details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Settings</h3></summary>
+<div class="tsd-accordion-details">
+<div class="tsd-filter-visibility">
+<h4 class="uppercase">Member Visibility</h4><form>
+<ul id="tsd-filter-options">
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-protected" name="protected"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Protected</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-inherited" name="inherited" checked/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Inherited</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-external" name="external"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>External</span></label></li></ul></form></div>
+<div class="tsd-theme-toggle">
+<h4 class="uppercase">Theme</h4><select id="theme"><option value="os">OS</option><option value="light">Light</option><option value="dark">Dark</option></select></div></div></details></div>
+<nav class="tsd-navigation primary">
+<details class="tsd-index-accordion" open><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Modules</h3></summary>
+<div class="tsd-accordion-details">
+<ul>
+<li><a href="../modules.html">@jackdbd/content-<wbr/>security-<wbr/>policy</a>
+<ul></ul></li></ul></div></details></nav>
+<nav class="tsd-navigation secondary menu-sticky">
+<ul>
+<li class="tsd-kind-interface"><a href="../interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-variable"><a href="recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
+<li class="current tsd-kind-variable"><a href="starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
+<li class="tsd-kind-function"><a href="../functions/cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
+<li class="tsd-kind-function"><a href="../functions/cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
+<li class="tsd-kind-function"><a href="../functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<div class="container tsd-generator">
+<p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
+<div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/package-lock.json b/package-lock.json
index e3315d36..801cb468 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -2250,6 +2250,10 @@
       "resolved": "packages/cloud-tasks-utils",
       "link": true
     },
+    "node_modules/@jackdbd/content-security-policy": {
+      "resolved": "packages/content-security-policy",
+      "link": true
+    },
     "node_modules/@jackdbd/fattureincloud-client": {
       "resolved": "packages/fattureincloud-client",
       "link": true
@@ -10319,6 +10323,11 @@
         "node": ">=8"
       }
     },
+    "node_modules/himalaya": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/himalaya/-/himalaya-1.1.0.tgz",
+      "integrity": "sha512-LLase1dHCRMel68/HZTFft0N0wti0epHr3nNY7ynpLbyZpmrKMQ8YIpiOV77TM97cNpC8Wb2n6f66IRggwdWPw=="
+    },
     "node_modules/hook-std": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/hook-std/-/hook-std-2.0.0.tgz",
@@ -22991,9 +23000,34 @@
         "@google-cloud/tasks": ">= 3.0.0"
       }
     },
+    "packages/content-security-policy": {
+      "version": "0.0.0",
+      "license": "MIT",
+      "dependencies": {
+        "debug": "^4.3.4",
+        "himalaya": "^1.1.0",
+        "joi": "^17.6.1"
+      },
+      "devDependencies": {},
+      "engines": {
+        "node": ">=14.19.3"
+      }
+    },
+    "packages/content-security-policy/node_modules/joi": {
+      "version": "17.6.1",
+      "resolved": "https://registry.npmjs.org/joi/-/joi-17.6.1.tgz",
+      "integrity": "sha512-Hl7/iBklIX345OCM1TiFSCZRVaAOLDGlWCp0Df2vWYgBgjkezaR7Kvm3joBciBHQjZj5sxXs859r6eqsRSlG8w==",
+      "dependencies": {
+        "@hapi/hoek": "^9.0.0",
+        "@hapi/topo": "^5.0.0",
+        "@sideway/address": "^4.1.3",
+        "@sideway/formula": "^3.0.0",
+        "@sideway/pinpoint": "^2.0.0"
+      }
+    },
     "packages/fattureincloud-client": {
       "name": "@jackdbd/fattureincloud-client",
-      "version": "1.0.3",
+      "version": "1.1.0",
       "license": "MIT",
       "dependencies": {
         "bottleneck": "^2.19.5",
@@ -23007,10 +23041,10 @@
     },
     "packages/firestore-utils": {
       "name": "@jackdbd/firestore-utils",
-      "version": "1.4.1-canary.1",
+      "version": "1.5.0",
       "license": "MIT",
       "dependencies": {
-        "@jackdbd/utils": "1.4.0-canary.1",
+        "@jackdbd/utils": "1.4.0",
         "debug": "^4.3.4"
       },
       "devDependencies": {
@@ -23037,105 +23071,6 @@
         "node": ">=16.0.0"
       }
     },
-    "packages/keap-client/node_modules/@jackdbd/utils": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/@jackdbd/utils/-/utils-1.3.0.tgz",
-      "integrity": "sha512-r1In2Ww/x9H9OMCQxytVhS9euIjdwRLGozIZzgoPA6ooQs3KDZFc/Yxiod14vzP/cWs37XpIFEGhPfm6Q3aDSg==",
-      "dependencies": {
-        "wait-port": "^0.2.9"
-      },
-      "engines": {
-        "node": ">=16.0.0"
-      },
-      "peerDependencies": {
-        "debug": ">=4.0.0"
-      }
-    },
-    "packages/keap-client/node_modules/ansi-styles": {
-      "version": "3.2.1",
-      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
-      "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
-      "dependencies": {
-        "color-convert": "^1.9.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
-    "packages/keap-client/node_modules/chalk": {
-      "version": "2.4.2",
-      "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
-      "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
-      "dependencies": {
-        "ansi-styles": "^3.2.1",
-        "escape-string-regexp": "^1.0.5",
-        "supports-color": "^5.3.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
-    "packages/keap-client/node_modules/color-convert": {
-      "version": "1.9.3",
-      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
-      "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
-      "dependencies": {
-        "color-name": "1.1.3"
-      }
-    },
-    "packages/keap-client/node_modules/color-name": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
-      "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw=="
-    },
-    "packages/keap-client/node_modules/commander": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz",
-      "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow=="
-    },
-    "packages/keap-client/node_modules/escape-string-regexp": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
-      "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==",
-      "engines": {
-        "node": ">=0.8.0"
-      }
-    },
-    "packages/keap-client/node_modules/has-flag": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
-      "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==",
-      "engines": {
-        "node": ">=4"
-      }
-    },
-    "packages/keap-client/node_modules/supports-color": {
-      "version": "5.5.0",
-      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
-      "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
-      "dependencies": {
-        "has-flag": "^3.0.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
-    "packages/keap-client/node_modules/wait-port": {
-      "version": "0.2.14",
-      "resolved": "https://registry.npmjs.org/wait-port/-/wait-port-0.2.14.tgz",
-      "integrity": "sha512-kIzjWcr6ykl7WFbZd0TMae8xovwqcqbx6FM9l+7agOgUByhzdjfzZBPK2CPufldTOMxbUivss//Sh9MFawmPRQ==",
-      "dependencies": {
-        "chalk": "^2.4.2",
-        "commander": "^3.0.2",
-        "debug": "^4.1.1"
-      },
-      "bin": {
-        "wait-port": "bin/wait-port.js"
-      },
-      "engines": {
-        "node": ">=8"
-      }
-    },
     "packages/notifications": {
       "name": "@jackdbd/notifications",
       "version": "1.0.3",
@@ -23655,74 +23590,10 @@
         "node": ">=16.0.0"
       }
     },
-    "packages/telegram-bot/node_modules/@jackdbd/utils": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/@jackdbd/utils/-/utils-1.3.0.tgz",
-      "integrity": "sha512-r1In2Ww/x9H9OMCQxytVhS9euIjdwRLGozIZzgoPA6ooQs3KDZFc/Yxiod14vzP/cWs37XpIFEGhPfm6Q3aDSg==",
-      "dependencies": {
-        "wait-port": "^0.2.9"
-      },
-      "engines": {
-        "node": ">=16.0.0"
-      },
-      "peerDependencies": {
-        "debug": ">=4.0.0"
-      }
-    },
-    "packages/telegram-bot/node_modules/ansi-styles": {
-      "version": "3.2.1",
-      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
-      "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
-      "dependencies": {
-        "color-convert": "^1.9.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
-    "packages/telegram-bot/node_modules/chalk": {
-      "version": "2.4.2",
-      "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
-      "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
-      "dependencies": {
-        "ansi-styles": "^3.2.1",
-        "escape-string-regexp": "^1.0.5",
-        "supports-color": "^5.3.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
-    "packages/telegram-bot/node_modules/color-convert": {
-      "version": "1.9.3",
-      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
-      "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
-      "dependencies": {
-        "color-name": "1.1.3"
-      }
-    },
-    "packages/telegram-bot/node_modules/color-name": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
-      "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw=="
-    },
-    "packages/telegram-bot/node_modules/commander": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz",
-      "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow=="
-    },
     "packages/telegram-bot/node_modules/emoji-regex": {
       "version": "8.0.0",
       "license": "MIT"
     },
-    "packages/telegram-bot/node_modules/escape-string-regexp": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
-      "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==",
-      "engines": {
-        "node": ">=0.8.0"
-      }
-    },
     "packages/telegram-bot/node_modules/google-gax": {
       "version": "2.30.5",
       "license": "Apache-2.0",
@@ -23748,14 +23619,6 @@
         "node": ">=10"
       }
     },
-    "packages/telegram-bot/node_modules/has-flag": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
-      "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==",
-      "engines": {
-        "node": ">=4"
-      }
-    },
     "packages/telegram-bot/node_modules/is-fullwidth-code-point": {
       "version": "3.0.0",
       "license": "MIT",
@@ -23807,33 +23670,6 @@
         "node": ">=8"
       }
     },
-    "packages/telegram-bot/node_modules/supports-color": {
-      "version": "5.5.0",
-      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
-      "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
-      "dependencies": {
-        "has-flag": "^3.0.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
-    "packages/telegram-bot/node_modules/wait-port": {
-      "version": "0.2.14",
-      "resolved": "https://registry.npmjs.org/wait-port/-/wait-port-0.2.14.tgz",
-      "integrity": "sha512-kIzjWcr6ykl7WFbZd0TMae8xovwqcqbx6FM9l+7agOgUByhzdjfzZBPK2CPufldTOMxbUivss//Sh9MFawmPRQ==",
-      "dependencies": {
-        "chalk": "^2.4.2",
-        "commander": "^3.0.2",
-        "debug": "^4.1.1"
-      },
-      "bin": {
-        "wait-port": "bin/wait-port.js"
-      },
-      "engines": {
-        "node": ">=8"
-      }
-    },
     "packages/telegram-bot/node_modules/yargs": {
       "version": "16.2.0",
       "license": "MIT",
@@ -23852,7 +23688,7 @@
     },
     "packages/telegram-text-messages": {
       "name": "@jackdbd/telegram-text-messages",
-      "version": "1.2.0-canary.1",
+      "version": "1.2.0",
       "license": "MIT",
       "devDependencies": {},
       "engines": {
@@ -23861,7 +23697,7 @@
     },
     "packages/utils": {
       "name": "@jackdbd/utils",
-      "version": "1.4.0-canary.1",
+      "version": "1.4.0",
       "license": "MIT",
       "dependencies": {
         "wait-port": "^0.2.9"
@@ -24155,20 +23991,6 @@
         "node": ">=16.0.0"
       }
     },
-    "packages/wasm-news/node_modules/@jackdbd/utils": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/@jackdbd/utils/-/utils-1.3.0.tgz",
-      "integrity": "sha512-r1In2Ww/x9H9OMCQxytVhS9euIjdwRLGozIZzgoPA6ooQs3KDZFc/Yxiod14vzP/cWs37XpIFEGhPfm6Q3aDSg==",
-      "dependencies": {
-        "wait-port": "^0.2.9"
-      },
-      "engines": {
-        "node": ">=16.0.0"
-      },
-      "peerDependencies": {
-        "debug": ">=4.0.0"
-      }
-    },
     "packages/wasm-news/node_modules/@octokit/auth-token": {
       "version": "2.5.0",
       "license": "MIT",
@@ -24270,17 +24092,6 @@
         "@octokit/openapi-types": "^12.11.0"
       }
     },
-    "packages/wasm-news/node_modules/ansi-styles": {
-      "version": "3.2.1",
-      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
-      "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
-      "dependencies": {
-        "color-convert": "^1.9.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
     "packages/wasm-news/node_modules/axios": {
       "version": "0.21.4",
       "license": "MIT",
@@ -24288,49 +24099,10 @@
         "follow-redirects": "^1.14.0"
       }
     },
-    "packages/wasm-news/node_modules/chalk": {
-      "version": "2.4.2",
-      "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
-      "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
-      "dependencies": {
-        "ansi-styles": "^3.2.1",
-        "escape-string-regexp": "^1.0.5",
-        "supports-color": "^5.3.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
-    "packages/wasm-news/node_modules/color-convert": {
-      "version": "1.9.3",
-      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
-      "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
-      "dependencies": {
-        "color-name": "1.1.3"
-      }
-    },
-    "packages/wasm-news/node_modules/color-name": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
-      "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw=="
-    },
-    "packages/wasm-news/node_modules/commander": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz",
-      "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow=="
-    },
     "packages/wasm-news/node_modules/emoji-regex": {
       "version": "8.0.0",
       "license": "MIT"
     },
-    "packages/wasm-news/node_modules/escape-string-regexp": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
-      "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==",
-      "engines": {
-        "node": ">=0.8.0"
-      }
-    },
     "packages/wasm-news/node_modules/google-auth-library": {
       "version": "6.1.6",
       "license": "Apache-2.0",
@@ -24404,14 +24176,6 @@
         "node": ">=0.8.0"
       }
     },
-    "packages/wasm-news/node_modules/has-flag": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
-      "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==",
-      "engines": {
-        "node": ">=4"
-      }
-    },
     "packages/wasm-news/node_modules/is-fullwidth-code-point": {
       "version": "3.0.0",
       "license": "MIT",
@@ -24463,38 +24227,11 @@
         "node": ">=8"
       }
     },
-    "packages/wasm-news/node_modules/supports-color": {
-      "version": "5.5.0",
-      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
-      "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
-      "dependencies": {
-        "has-flag": "^3.0.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
     "packages/wasm-news/node_modules/twitter-api-v2": {
       "version": "1.12.0",
       "resolved": "https://registry.npmjs.org/twitter-api-v2/-/twitter-api-v2-1.12.0.tgz",
       "integrity": "sha512-8Fv+sUYY0P1gloiBSgG1w/NSuGUIP32lDKMPVzIMX3jd4zDhiJFtCft41fKs+JqcD8m7s+4vkMO/XwyY2+NULQ=="
     },
-    "packages/wasm-news/node_modules/wait-port": {
-      "version": "0.2.14",
-      "resolved": "https://registry.npmjs.org/wait-port/-/wait-port-0.2.14.tgz",
-      "integrity": "sha512-kIzjWcr6ykl7WFbZd0TMae8xovwqcqbx6FM9l+7agOgUByhzdjfzZBPK2CPufldTOMxbUivss//Sh9MFawmPRQ==",
-      "dependencies": {
-        "chalk": "^2.4.2",
-        "commander": "^3.0.2",
-        "debug": "^4.1.1"
-      },
-      "bin": {
-        "wait-port": "bin/wait-port.js"
-      },
-      "engines": {
-        "node": ">=8"
-      }
-    },
     "packages/wasm-news/node_modules/yargs": {
       "version": "16.2.0",
       "license": "MIT",
@@ -24749,31 +24486,6 @@
         "node": ">=16.0.0"
       }
     },
-    "packages/webhooks/node_modules/@jackdbd/utils": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/@jackdbd/utils/-/utils-1.3.0.tgz",
-      "integrity": "sha512-r1In2Ww/x9H9OMCQxytVhS9euIjdwRLGozIZzgoPA6ooQs3KDZFc/Yxiod14vzP/cWs37XpIFEGhPfm6Q3aDSg==",
-      "dependencies": {
-        "wait-port": "^0.2.9"
-      },
-      "engines": {
-        "node": ">=16.0.0"
-      },
-      "peerDependencies": {
-        "debug": ">=4.0.0"
-      }
-    },
-    "packages/webhooks/node_modules/ansi-styles": {
-      "version": "3.2.1",
-      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
-      "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
-      "dependencies": {
-        "color-convert": "^1.9.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
     "packages/webhooks/node_modules/axios": {
       "version": "0.21.4",
       "license": "MIT",
@@ -24781,49 +24493,10 @@
         "follow-redirects": "^1.14.0"
       }
     },
-    "packages/webhooks/node_modules/chalk": {
-      "version": "2.4.2",
-      "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
-      "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
-      "dependencies": {
-        "ansi-styles": "^3.2.1",
-        "escape-string-regexp": "^1.0.5",
-        "supports-color": "^5.3.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
-    "packages/webhooks/node_modules/color-convert": {
-      "version": "1.9.3",
-      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
-      "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
-      "dependencies": {
-        "color-name": "1.1.3"
-      }
-    },
-    "packages/webhooks/node_modules/color-name": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
-      "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw=="
-    },
-    "packages/webhooks/node_modules/commander": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz",
-      "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow=="
-    },
     "packages/webhooks/node_modules/emoji-regex": {
       "version": "8.0.0",
       "license": "MIT"
     },
-    "packages/webhooks/node_modules/escape-string-regexp": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
-      "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==",
-      "engines": {
-        "node": ">=0.8.0"
-      }
-    },
     "packages/webhooks/node_modules/google-auth-library": {
       "version": "6.1.6",
       "license": "Apache-2.0",
@@ -24897,14 +24570,6 @@
         "node": ">=0.8.0"
       }
     },
-    "packages/webhooks/node_modules/has-flag": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
-      "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==",
-      "engines": {
-        "node": ">=4"
-      }
-    },
     "packages/webhooks/node_modules/ipaddr.js": {
       "version": "2.0.1",
       "license": "MIT",
@@ -24963,33 +24628,6 @@
         "node": ">=8"
       }
     },
-    "packages/webhooks/node_modules/supports-color": {
-      "version": "5.5.0",
-      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
-      "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
-      "dependencies": {
-        "has-flag": "^3.0.0"
-      },
-      "engines": {
-        "node": ">=4"
-      }
-    },
-    "packages/webhooks/node_modules/wait-port": {
-      "version": "0.2.14",
-      "resolved": "https://registry.npmjs.org/wait-port/-/wait-port-0.2.14.tgz",
-      "integrity": "sha512-kIzjWcr6ykl7WFbZd0TMae8xovwqcqbx6FM9l+7agOgUByhzdjfzZBPK2CPufldTOMxbUivss//Sh9MFawmPRQ==",
-      "dependencies": {
-        "chalk": "^2.4.2",
-        "commander": "^3.0.2",
-        "debug": "^4.1.1"
-      },
-      "bin": {
-        "wait-port": "bin/wait-port.js"
-      },
-      "engines": {
-        "node": ">=8"
-      }
-    },
     "packages/webhooks/node_modules/yargs": {
       "version": "16.2.0",
       "license": "MIT",
@@ -26744,6 +26382,28 @@
       "version": "file:packages/cloud-tasks-utils",
       "requires": {}
     },
+    "@jackdbd/content-security-policy": {
+      "version": "file:packages/content-security-policy",
+      "requires": {
+        "debug": "^4.3.4",
+        "himalaya": "^1.1.0",
+        "joi": "^17.6.1"
+      },
+      "dependencies": {
+        "joi": {
+          "version": "17.6.1",
+          "resolved": "https://registry.npmjs.org/joi/-/joi-17.6.1.tgz",
+          "integrity": "sha512-Hl7/iBklIX345OCM1TiFSCZRVaAOLDGlWCp0Df2vWYgBgjkezaR7Kvm3joBciBHQjZj5sxXs859r6eqsRSlG8w==",
+          "requires": {
+            "@hapi/hoek": "^9.0.0",
+            "@hapi/topo": "^5.0.0",
+            "@sideway/address": "^4.1.3",
+            "@sideway/formula": "^3.0.0",
+            "@sideway/pinpoint": "^2.0.0"
+          }
+        }
+      }
+    },
     "@jackdbd/fattureincloud-client": {
       "version": "file:packages/fattureincloud-client",
       "requires": {
@@ -26756,7 +26416,7 @@
       "version": "file:packages/firestore-utils",
       "requires": {
         "@google-cloud/firestore": "^6.0.0",
-        "@jackdbd/utils": "1.4.0-canary.1",
+        "@jackdbd/utils": "1.4.0",
         "debug": "^4.3.4"
       }
     },
@@ -26808,80 +26468,6 @@
         "@jackdbd/utils": ">=1.3.0",
         "debug": ">=4.0.0",
         "phin": "^3.6.1"
-      },
-      "dependencies": {
-        "@jackdbd/utils": {
-          "version": "1.3.0",
-          "resolved": "https://registry.npmjs.org/@jackdbd/utils/-/utils-1.3.0.tgz",
-          "integrity": "sha512-r1In2Ww/x9H9OMCQxytVhS9euIjdwRLGozIZzgoPA6ooQs3KDZFc/Yxiod14vzP/cWs37XpIFEGhPfm6Q3aDSg==",
-          "requires": {
-            "wait-port": "^0.2.9"
-          }
-        },
-        "ansi-styles": {
-          "version": "3.2.1",
-          "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
-          "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
-          "requires": {
-            "color-convert": "^1.9.0"
-          }
-        },
-        "chalk": {
-          "version": "2.4.2",
-          "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
-          "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
-          "requires": {
-            "ansi-styles": "^3.2.1",
-            "escape-string-regexp": "^1.0.5",
-            "supports-color": "^5.3.0"
-          }
-        },
-        "color-convert": {
-          "version": "1.9.3",
-          "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
-          "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
-          "requires": {
-            "color-name": "1.1.3"
-          }
-        },
-        "color-name": {
-          "version": "1.1.3",
-          "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
-          "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw=="
-        },
-        "commander": {
-          "version": "3.0.2",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz",
-          "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow=="
-        },
-        "escape-string-regexp": {
-          "version": "1.0.5",
-          "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
-          "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg=="
-        },
-        "has-flag": {
-          "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
-          "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw=="
-        },
-        "supports-color": {
-          "version": "5.5.0",
-          "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
-          "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
-          "requires": {
-            "has-flag": "^3.0.0"
-          }
-        },
-        "wait-port": {
-          "version": "0.2.14",
-          "resolved": "https://registry.npmjs.org/wait-port/-/wait-port-0.2.14.tgz",
-          "integrity": "sha512-kIzjWcr6ykl7WFbZd0TMae8xovwqcqbx6FM9l+7agOgUByhzdjfzZBPK2CPufldTOMxbUivss//Sh9MFawmPRQ==",
-          "requires": {
-            "chalk": "^2.4.2",
-            "commander": "^3.0.2",
-            "debug": "^4.1.1"
-          }
-        }
       }
     },
     "@jackdbd/notifications": {
@@ -27228,58 +26814,9 @@
           "resolved": "https://registry.npmjs.org/@jackdbd/telegram-text-messages/-/telegram-text-messages-1.1.0.tgz",
           "integrity": "sha512-3a1Z0Xvyu6lsFmcqahVjmw3yFRZwvPBlUETsZyrcSZjnPVd0bc0zIDWv3aTmnbHbLPnpq5PD3LZSxR3I6JRWhA=="
         },
-        "@jackdbd/utils": {
-          "version": "1.3.0",
-          "resolved": "https://registry.npmjs.org/@jackdbd/utils/-/utils-1.3.0.tgz",
-          "integrity": "sha512-r1In2Ww/x9H9OMCQxytVhS9euIjdwRLGozIZzgoPA6ooQs3KDZFc/Yxiod14vzP/cWs37XpIFEGhPfm6Q3aDSg==",
-          "requires": {
-            "wait-port": "^0.2.9"
-          }
-        },
-        "ansi-styles": {
-          "version": "3.2.1",
-          "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
-          "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
-          "requires": {
-            "color-convert": "^1.9.0"
-          }
-        },
-        "chalk": {
-          "version": "2.4.2",
-          "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
-          "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
-          "requires": {
-            "ansi-styles": "^3.2.1",
-            "escape-string-regexp": "^1.0.5",
-            "supports-color": "^5.3.0"
-          }
-        },
-        "color-convert": {
-          "version": "1.9.3",
-          "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
-          "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
-          "requires": {
-            "color-name": "1.1.3"
-          }
-        },
-        "color-name": {
-          "version": "1.1.3",
-          "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
-          "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw=="
-        },
-        "commander": {
-          "version": "3.0.2",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz",
-          "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow=="
-        },
         "emoji-regex": {
           "version": "8.0.0"
         },
-        "escape-string-regexp": {
-          "version": "1.0.5",
-          "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
-          "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg=="
-        },
         "google-gax": {
           "version": "2.30.5",
           "requires": {
@@ -27298,11 +26835,6 @@
             "retry-request": "^4.0.0"
           }
         },
-        "has-flag": {
-          "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
-          "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw=="
-        },
         "is-fullwidth-code-point": {
           "version": "3.0.0"
         },
@@ -27340,24 +26872,6 @@
             "strip-ansi": "^6.0.1"
           }
         },
-        "supports-color": {
-          "version": "5.5.0",
-          "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
-          "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
-          "requires": {
-            "has-flag": "^3.0.0"
-          }
-        },
-        "wait-port": {
-          "version": "0.2.14",
-          "resolved": "https://registry.npmjs.org/wait-port/-/wait-port-0.2.14.tgz",
-          "integrity": "sha512-kIzjWcr6ykl7WFbZd0TMae8xovwqcqbx6FM9l+7agOgUByhzdjfzZBPK2CPufldTOMxbUivss//Sh9MFawmPRQ==",
-          "requires": {
-            "chalk": "^2.4.2",
-            "commander": "^3.0.2",
-            "debug": "^4.1.1"
-          }
-        },
         "yargs": {
           "version": "16.2.0",
           "requires": {
@@ -27582,14 +27096,6 @@
           "resolved": "https://registry.npmjs.org/@jackdbd/telegram-text-messages/-/telegram-text-messages-1.1.0.tgz",
           "integrity": "sha512-3a1Z0Xvyu6lsFmcqahVjmw3yFRZwvPBlUETsZyrcSZjnPVd0bc0zIDWv3aTmnbHbLPnpq5PD3LZSxR3I6JRWhA=="
         },
-        "@jackdbd/utils": {
-          "version": "1.3.0",
-          "resolved": "https://registry.npmjs.org/@jackdbd/utils/-/utils-1.3.0.tgz",
-          "integrity": "sha512-r1In2Ww/x9H9OMCQxytVhS9euIjdwRLGozIZzgoPA6ooQs3KDZFc/Yxiod14vzP/cWs37XpIFEGhPfm6Q3aDSg==",
-          "requires": {
-            "wait-port": "^0.2.9"
-          }
-        },
         "@octokit/auth-token": {
           "version": "2.5.0",
           "requires": {
@@ -27674,56 +27180,15 @@
             "@octokit/openapi-types": "^12.11.0"
           }
         },
-        "ansi-styles": {
-          "version": "3.2.1",
-          "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
-          "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
-          "requires": {
-            "color-convert": "^1.9.0"
-          }
-        },
         "axios": {
           "version": "0.21.4",
           "requires": {
             "follow-redirects": "^1.14.0"
           }
         },
-        "chalk": {
-          "version": "2.4.2",
-          "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
-          "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
-          "requires": {
-            "ansi-styles": "^3.2.1",
-            "escape-string-regexp": "^1.0.5",
-            "supports-color": "^5.3.0"
-          }
-        },
-        "color-convert": {
-          "version": "1.9.3",
-          "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
-          "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
-          "requires": {
-            "color-name": "1.1.3"
-          }
-        },
-        "color-name": {
-          "version": "1.1.3",
-          "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
-          "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw=="
-        },
-        "commander": {
-          "version": "3.0.2",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz",
-          "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow=="
-        },
         "emoji-regex": {
           "version": "8.0.0"
         },
-        "escape-string-regexp": {
-          "version": "1.0.5",
-          "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
-          "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg=="
-        },
         "google-auth-library": {
           "version": "6.1.6",
           "requires": {
@@ -27780,11 +27245,6 @@
             "lodash": "^4.17.21"
           }
         },
-        "has-flag": {
-          "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
-          "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw=="
-        },
         "is-fullwidth-code-point": {
           "version": "3.0.0"
         },
@@ -27822,29 +27282,11 @@
             "strip-ansi": "^6.0.1"
           }
         },
-        "supports-color": {
-          "version": "5.5.0",
-          "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
-          "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
-          "requires": {
-            "has-flag": "^3.0.0"
-          }
-        },
         "twitter-api-v2": {
           "version": "1.12.0",
           "resolved": "https://registry.npmjs.org/twitter-api-v2/-/twitter-api-v2-1.12.0.tgz",
           "integrity": "sha512-8Fv+sUYY0P1gloiBSgG1w/NSuGUIP32lDKMPVzIMX3jd4zDhiJFtCft41fKs+JqcD8m7s+4vkMO/XwyY2+NULQ=="
         },
-        "wait-port": {
-          "version": "0.2.14",
-          "resolved": "https://registry.npmjs.org/wait-port/-/wait-port-0.2.14.tgz",
-          "integrity": "sha512-kIzjWcr6ykl7WFbZd0TMae8xovwqcqbx6FM9l+7agOgUByhzdjfzZBPK2CPufldTOMxbUivss//Sh9MFawmPRQ==",
-          "requires": {
-            "chalk": "^2.4.2",
-            "commander": "^3.0.2",
-            "debug": "^4.1.1"
-          }
-        },
         "yargs": {
           "version": "16.2.0",
           "requires": {
@@ -28036,64 +27478,15 @@
           "resolved": "https://registry.npmjs.org/@jackdbd/telegram-text-messages/-/telegram-text-messages-1.1.0.tgz",
           "integrity": "sha512-3a1Z0Xvyu6lsFmcqahVjmw3yFRZwvPBlUETsZyrcSZjnPVd0bc0zIDWv3aTmnbHbLPnpq5PD3LZSxR3I6JRWhA=="
         },
-        "@jackdbd/utils": {
-          "version": "1.3.0",
-          "resolved": "https://registry.npmjs.org/@jackdbd/utils/-/utils-1.3.0.tgz",
-          "integrity": "sha512-r1In2Ww/x9H9OMCQxytVhS9euIjdwRLGozIZzgoPA6ooQs3KDZFc/Yxiod14vzP/cWs37XpIFEGhPfm6Q3aDSg==",
-          "requires": {
-            "wait-port": "^0.2.9"
-          }
-        },
-        "ansi-styles": {
-          "version": "3.2.1",
-          "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
-          "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
-          "requires": {
-            "color-convert": "^1.9.0"
-          }
-        },
         "axios": {
           "version": "0.21.4",
           "requires": {
             "follow-redirects": "^1.14.0"
           }
         },
-        "chalk": {
-          "version": "2.4.2",
-          "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
-          "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
-          "requires": {
-            "ansi-styles": "^3.2.1",
-            "escape-string-regexp": "^1.0.5",
-            "supports-color": "^5.3.0"
-          }
-        },
-        "color-convert": {
-          "version": "1.9.3",
-          "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
-          "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
-          "requires": {
-            "color-name": "1.1.3"
-          }
-        },
-        "color-name": {
-          "version": "1.1.3",
-          "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
-          "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw=="
-        },
-        "commander": {
-          "version": "3.0.2",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-3.0.2.tgz",
-          "integrity": "sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow=="
-        },
         "emoji-regex": {
           "version": "8.0.0"
         },
-        "escape-string-regexp": {
-          "version": "1.0.5",
-          "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
-          "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg=="
-        },
         "google-auth-library": {
           "version": "6.1.6",
           "requires": {
@@ -28150,11 +27543,6 @@
             "lodash": "^4.17.21"
           }
         },
-        "has-flag": {
-          "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
-          "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw=="
-        },
         "ipaddr.js": {
           "version": "2.0.1"
         },
@@ -28195,24 +27583,6 @@
             "strip-ansi": "^6.0.1"
           }
         },
-        "supports-color": {
-          "version": "5.5.0",
-          "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
-          "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
-          "requires": {
-            "has-flag": "^3.0.0"
-          }
-        },
-        "wait-port": {
-          "version": "0.2.14",
-          "resolved": "https://registry.npmjs.org/wait-port/-/wait-port-0.2.14.tgz",
-          "integrity": "sha512-kIzjWcr6ykl7WFbZd0TMae8xovwqcqbx6FM9l+7agOgUByhzdjfzZBPK2CPufldTOMxbUivss//Sh9MFawmPRQ==",
-          "requires": {
-            "chalk": "^2.4.2",
-            "commander": "^3.0.2",
-            "debug": "^4.1.1"
-          }
-        },
         "yargs": {
           "version": "16.2.0",
           "requires": {
@@ -34278,6 +33648,11 @@
       "integrity": "sha512-QFLV0taWQOZtvIRIAdBChesmogZrtuXvVWsFHZTk2SU+anspqZ2vMnoLg7IE1+Uk16N19APic1BuF8bC8c2m5g==",
       "dev": true
     },
+    "himalaya": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/himalaya/-/himalaya-1.1.0.tgz",
+      "integrity": "sha512-LLase1dHCRMel68/HZTFft0N0wti0epHr3nNY7ynpLbyZpmrKMQ8YIpiOV77TM97cNpC8Wb2n6f66IRggwdWPw=="
+    },
     "hook-std": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/hook-std/-/hook-std-2.0.0.tgz",
diff --git a/packages/content-security-policy/.ae/content-security-policy.api.md b/packages/content-security-policy/.ae/content-security-policy.api.md
new file mode 100644
index 00000000..7f72bb72
--- /dev/null
+++ b/packages/content-security-policy/.ae/content-security-policy.api.md
@@ -0,0 +1,62 @@
+## API Report File for "@jackdbd/content-security-policy"
+
+> Do not edit this file. It is a report generated by [API Extractor](https://api-extractor.com/).
+
+```ts
+
+// @public (undocumented)
+export interface Config {
+    // (undocumented)
+    directives: Directives;
+    // (undocumented)
+    patterns: string[];
+}
+
+// @public (undocumented)
+export const cspDirectives: ({ directives, patterns }: Config) => Promise<string[]>;
+
+// @public (undocumented)
+export const cspHeader: ({ directives, patterns }: Config) => Promise<string>;
+
+// @public (undocumented)
+export const cspJSON: ({ directives, patterns }: Config) => Promise<{}>;
+
+// @public (undocumented)
+export interface Directives {
+    // (undocumented)
+    [k: string]: string[];
+}
+
+// Warning: (ae-missing-release-tag) "recommended_policy" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal)
+//
+// @public
+export const recommended_policy: {
+    'font-src': string[];
+    'frame-ancestors': string[];
+    'manifest-src': string[];
+    'object-src': string[];
+    'prefetch-src': string[];
+    'upgrade-insecure-requests': boolean;
+    'base-uri': string[];
+    'connect-src': string[];
+    'default-src': string[];
+    'form-action': string[];
+    'img-src': string[];
+    'script-src': string[];
+    'style-src': string[];
+};
+
+// Warning: (ae-missing-release-tag) "starter_policy" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal)
+//
+// @public
+export const starter_policy: {
+    'base-uri': string[];
+    'connect-src': string[];
+    'default-src': string[];
+    'form-action': string[];
+    'img-src': string[];
+    'script-src': string[];
+    'style-src': string[];
+};
+
+```
diff --git a/packages/content-security-policy/LICENSE b/packages/content-security-policy/LICENSE
new file mode 100644
index 00000000..8eb086ee
--- /dev/null
+++ b/packages/content-security-policy/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 Giacomo Debidda
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
\ No newline at end of file
diff --git a/packages/content-security-policy/README.md b/packages/content-security-policy/README.md
new file mode 100644
index 00000000..0548ab34
--- /dev/null
+++ b/packages/content-security-policy/README.md
@@ -0,0 +1,26 @@
+# @jackdbd/content-security-policy
+
+[![npm version](https://badge.fury.io/js/@jackdbd%2Fcontent-security-policy.svg)](https://badge.fury.io/js/@jackdbd%2Fcontent-security-policy)
+![Snyk Vulnerabilities for npm package](https://img.shields.io/snyk/vulnerabilities/npm/@jackdbd%2Fcontent-security-policy)
+
+Description...
+
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+<details><summary>Table of Contents</summary>
+
+- [Installation](#installation)
+- [API](#api)
+
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
+</details>
+
+## Installation
+
+```sh
+npm install @jackdbd/content-security-policy
+```
+
+## API
+
+[API docs generated with TypeDoc](https://jackdbd.github.io/calderone/content-security-policy/)
diff --git a/packages/content-security-policy/__tests__/constants.mjs b/packages/content-security-policy/__tests__/constants.mjs
new file mode 100644
index 00000000..82e9d796
--- /dev/null
+++ b/packages/content-security-policy/__tests__/constants.mjs
@@ -0,0 +1,40 @@
+export const PATTERNS = ['../../assets/html-pages/**/*.html']
+
+export const DIRECTIVES = {
+  'base-uri': ['self'],
+
+  'connect-src': [
+    'self',
+    'cloudflareinsights.com',
+    'plausible.io',
+    'res.cloudinary.com'
+  ],
+
+  'default-src': ['none'],
+
+  'font-src': ['self'],
+
+  'frame-src': [
+    'https://www.youtube.com/embed/',
+    'https://www.youtube-nocookie.com/',
+    'https://player.vimeo.com/video/'
+  ],
+
+  'img-src': [
+    'self',
+    'github.com',
+    'raw.githubusercontent.com',
+    'res.cloudinary.com'
+  ],
+
+  'script-src-elem': [
+    'self',
+    'https://plausible.io/js/plausible.js',
+    'https://static.cloudflareinsights.com/beacon.min.js',
+    'https://unpkg.com/htm/preact/standalone.module.js'
+  ],
+
+  'style-src-elem': ['self', 'sha256'],
+
+  'worker-src': ['self']
+}
diff --git a/packages/content-security-policy/__tests__/csp-directives.test.mjs b/packages/content-security-policy/__tests__/csp-directives.test.mjs
new file mode 100644
index 00000000..637a3d7a
--- /dev/null
+++ b/packages/content-security-policy/__tests__/csp-directives.test.mjs
@@ -0,0 +1,39 @@
+import { cspDirectives, cspHeader, cspJSON } from '../lib/csp-directives.js'
+import { DIRECTIVES, PATTERNS } from './constants.mjs'
+import { isObject, isString } from '../lib/utils.js'
+
+describe('cspDirectives', () => {
+  it('is an array', async () => {
+    const arr = await cspDirectives({
+      directives: DIRECTIVES,
+      patterns: PATTERNS
+    })
+
+    expect(arr).toBeDefined()
+    expect(arr.length).toBe(Object.keys(DIRECTIVES).length)
+  })
+})
+
+describe('cspHeader', () => {
+  it('is a string', async () => {
+    const header = await cspHeader({
+      directives: DIRECTIVES,
+      patterns: PATTERNS
+    })
+
+    expect(header).toBeDefined()
+    expect(isString(header)).toBeTruthy()
+  })
+})
+
+describe('cspJSON', () => {
+  it('is a JS object', async () => {
+    const json = await cspJSON({
+      directives: DIRECTIVES,
+      patterns: PATTERNS
+    })
+
+    expect(json).toBeDefined()
+    expect(isObject(json)).toBeTruthy()
+  })
+})
diff --git a/packages/content-security-policy/__tests__/errors.test.mjs b/packages/content-security-policy/__tests__/errors.test.mjs
new file mode 100644
index 00000000..48de67b3
--- /dev/null
+++ b/packages/content-security-policy/__tests__/errors.test.mjs
@@ -0,0 +1,55 @@
+import Joi from 'joi'
+import { validationErrorOrWarnings } from '../lib/errors.js'
+
+describe('validationErrorOrWarnings', () => {
+  it('is defined when the configuration is invalid', () => {
+    const message = 'this is a validation error'
+    const details = [{ path: [] }]
+    const original = {}
+    const error = new Joi.ValidationError(message, details, original)
+
+    const result = validationErrorOrWarnings({
+      error,
+      allowDeprecatedDirectives: false
+    })
+
+    expect(result.error).toBeDefined()
+    expect(result.error.message).toContain('invalid configuration')
+  })
+
+  it('is an error when the configuration is valid but it is used a deprecated CSP directive and allowDeprecatedDirectives is false', () => {
+    const deprecated_directive = 'block-all-mixed-content'
+    const message = 'this is a validation error'
+    const details = [{ path: ['foo', deprecated_directive] }]
+    const original = {}
+
+    const { error, warnings } = validationErrorOrWarnings({
+      error: new Joi.ValidationError(message, details, original),
+      allowDeprecatedDirectives: false
+    })
+
+    expect(error).toBeDefined()
+    expect(error.message).toContain('invalid configuration')
+    expect(error.message).toContain('deprecated directive')
+    expect(error.message).toContain(deprecated_directive)
+    expect(warnings.length).toBe(0)
+  })
+
+  it('is a warning when the configuration is valid but it is used a deprecated CSP directive and allowDeprecatedDirectives is true', () => {
+    const deprecated_directive = 'block-all-mixed-content'
+    const message = 'this is a validation error'
+    const details = [{ path: ['foo', deprecated_directive] }]
+    const original = {}
+
+    const { error, warnings } = validationErrorOrWarnings({
+      error: new Joi.ValidationError(message, details, original),
+      allowDeprecatedDirectives: true
+    })
+
+    expect(error).not.toBeDefined()
+    expect(warnings.length).toBe(1)
+    const warning = warnings[0]
+    expect(warning).toContain('deprecated')
+    expect(warning).toContain(deprecated_directive)
+  })
+})
diff --git a/packages/content-security-policy/__tests__/hash.test.mjs b/packages/content-security-policy/__tests__/hash.test.mjs
new file mode 100644
index 00000000..c519c72c
--- /dev/null
+++ b/packages/content-security-policy/__tests__/hash.test.mjs
@@ -0,0 +1,39 @@
+import { hashesStyleSrcElem } from '../lib/hash.js'
+
+describe('hashesStyleSrcElem', () => {
+  it('produces the expected hashes', async () => {
+    const patterns = ['../../assets/html-pages/**/*.html']
+
+    const hashes_256 = await hashesStyleSrcElem({
+      algorithm: 'sha256',
+      patterns
+    })
+
+    const hashes_384 = await hashesStyleSrcElem({
+      algorithm: 'sha384',
+      patterns
+    })
+
+    const hashes_512 = await hashesStyleSrcElem({
+      algorithm: 'sha512',
+      patterns
+    })
+
+    expect(hashes_256.length).toBe(1)
+    expect(hashes_384.length).toBe(1)
+    expect(hashes_512.length).toBe(1)
+
+    hashes_256.forEach((hash_256, i) => {
+      const hash_384 = hashes_384[i]
+      const hash_512 = hashes_512[i]
+
+      expect(hash_384).not.toBe(hash_256)
+      expect(hash_512).not.toBe(hash_256)
+      expect(hash_512).not.toBe(hash_384)
+
+      expect(hash_256.length).toBe(51)
+      expect(hash_384.length).toBe(71)
+      expect(hash_512.length).toBe(95)
+    })
+  })
+})
diff --git a/packages/content-security-policy/__tests__/html-parser.test.mjs b/packages/content-security-policy/__tests__/html-parser.test.mjs
new file mode 100644
index 00000000..ad0ee026
--- /dev/null
+++ b/packages/content-security-policy/__tests__/html-parser.test.mjs
@@ -0,0 +1,42 @@
+import fs from 'node:fs'
+import path from 'node:path'
+import { scriptTagsContents, styleTagsContents } from '../lib/html-parser.js'
+
+const HTML_DIR = path.resolve('..', '..', 'assets', 'html-pages')
+//   const HTML_DIR = path.join('assets', 'html-pages')
+const html_filepath = path.join(HTML_DIR, 'index.html')
+
+// the <head> of this HTML page contains 2 <script> tags and 1 <style> tag
+const HTML = fs.readFileSync(html_filepath).toString()
+
+describe('scriptTagsContents', () => {
+  it('is an array with two elements when HTML page has two <script> tags inlined in <head>', async () => {
+    const contents = await scriptTagsContents(html_filepath)
+
+    expect(contents.length).toBe(2)
+  })
+
+  it('is a substring of the entire HTML page', async () => {
+    const contents = await scriptTagsContents(html_filepath)
+
+    contents.forEach((content) => {
+      expect(HTML).toContain(content)
+    })
+  })
+})
+
+describe('styleTagsContents', () => {
+  it('is an array with one element when HTML page has one <style> tag inlined in <head>', async () => {
+    const contents = await styleTagsContents(html_filepath)
+
+    expect(contents.length).toBe(1)
+  })
+
+  it('is a substring of the entire HTML page', async () => {
+    const contents = await styleTagsContents(html_filepath)
+
+    contents.forEach((content) => {
+      expect(HTML).toContain(content)
+    })
+  })
+})
diff --git a/packages/content-security-policy/__tests__/schemas.test.mjs b/packages/content-security-policy/__tests__/schemas.test.mjs
new file mode 100644
index 00000000..c519c11a
--- /dev/null
+++ b/packages/content-security-policy/__tests__/schemas.test.mjs
@@ -0,0 +1,54 @@
+import Joi from 'joi'
+import { csp_scheme_source, csp_source_values } from '../lib/schemas.js'
+
+describe('csp_scheme_source', () => {
+  it('is not valid for `foo`', () => {
+    const result = csp_scheme_source.validate('foo')
+
+    expect(result.error).toBeDefined()
+    expect(result.error.message).toContain('must be one of')
+  })
+
+  it('is valid for each one of the supported schemes`', () => {
+    const schemes = [
+      'http:',
+      'https:',
+      'blob:',
+      'data:',
+      'filesystem:',
+      'mediastream:'
+    ]
+
+    schemes.forEach((scheme) => {
+      const { error, value } = csp_scheme_source.validate(scheme)
+
+      expect(error).not.toBeDefined()
+      expect(value).toBe(scheme)
+    })
+  })
+})
+
+describe('csp_source_values', () => {
+  it('must contain at least one item', () => {
+    const result = csp_source_values.validate([])
+
+    expect(result.error).toBeDefined()
+    expect(result.error.message).toContain('must contain at least 1 items')
+  })
+
+  it('is valid for each one of the supported CSP source values', () => {
+    const source_values = [
+      ['self'],
+      ['unsafe-eval'],
+      ['unsafe-hashes'],
+      ['self', 'unsafe-inline']
+    ]
+
+    source_values.forEach((source_value) => {
+      const { error, value } = csp_source_values.validate(source_value)
+
+      expect(error).not.toBeDefined()
+      expect(JSON.stringify(value)).toBe(JSON.stringify(source_value))
+    })
+  })
+})
diff --git a/packages/content-security-policy/__tests__/source-values.test.mjs b/packages/content-security-policy/__tests__/source-values.test.mjs
new file mode 100644
index 00000000..31f3de2b
--- /dev/null
+++ b/packages/content-security-policy/__tests__/source-values.test.mjs
@@ -0,0 +1,85 @@
+import {
+  cspSourceValuesScriptAttr,
+  cspSourceValuesScriptElem,
+  cspSourceValuesStyleAttr,
+  cspSourceValuesStyleElem
+} from '../lib/source-values.js'
+import { hashesStyleSrcElem } from '../lib/hash.js'
+import { DIRECTIVES, PATTERNS } from './constants.mjs'
+
+describe('cspSourceValuesScriptAttr', () => {
+  it("returns undefined when there isn't a `script-src-attr` CSP directive among the specified directives", async () => {
+    const directive = 'script-src-attr'
+
+    const arr = await cspSourceValuesScriptAttr({
+      directive,
+      directives: DIRECTIVES,
+      patterns: PATTERNS
+    })
+
+    expect(arr).not.toBeDefined()
+  })
+})
+
+describe('cspSourceValuesScriptElem', () => {
+  it('returns an array of N elements, where N is the length of the values allowed for the specified CSP directive', async () => {
+    const directive = 'script-src-elem'
+
+    const arr = await cspSourceValuesScriptElem({
+      directive,
+      directives: DIRECTIVES,
+      patterns: PATTERNS
+    })
+
+    expect(arr.length).toBe(DIRECTIVES[directive].length)
+  })
+})
+
+describe('cspSourceValuesStyleAttr', () => {
+  it("returns undefined when there isn't a `style-src-attr` CSP directive among the specified directives", async () => {
+    const directive = 'style-src-attr'
+
+    const arr = await cspSourceValuesStyleAttr({
+      directive,
+      directives: DIRECTIVES,
+      patterns: PATTERNS
+    })
+
+    expect(arr).not.toBeDefined()
+  })
+})
+
+describe('cspSourceValuesStyleElem', () => {
+  it('returns an array of N elements, where N is the length of the values allowed for the specified CSP directive', async () => {
+    const directive = 'style-src-elem'
+
+    const arr = await cspSourceValuesStyleElem({
+      directive,
+      directives: DIRECTIVES,
+      patterns: PATTERNS
+    })
+
+    expect(arr.length).toBe(DIRECTIVES[directive].length)
+  })
+
+  it('computes the hash using the specified algorithm', async () => {
+    const directive = 'style-src-elem'
+
+    const arr = await cspSourceValuesStyleElem({
+      directive,
+      directives: DIRECTIVES,
+      patterns: PATTERNS
+    })
+
+    expect(arr[0]).toBe(DIRECTIVES[directive][0])
+    const hash_algorithm = DIRECTIVES[directive][1]
+    expect(arr[1]).toContain(hash_algorithm)
+
+    const hashes_256 = await hashesStyleSrcElem({
+      algorithm: hash_algorithm,
+      patterns: PATTERNS
+    })
+
+    expect(arr[1]).toBe(hashes_256[0])
+  })
+})
diff --git a/packages/content-security-policy/__tests__/utils.test.mjs b/packages/content-security-policy/__tests__/utils.test.mjs
new file mode 100644
index 00000000..558f7864
--- /dev/null
+++ b/packages/content-security-policy/__tests__/utils.test.mjs
@@ -0,0 +1,21 @@
+import { isObject, isString } from '../lib/utils.js'
+
+describe('isObject', () => {
+  it('is true for `{}`', () => {
+    expect(isObject({})).toBeTruthy()
+  })
+
+  it('is false for `123`', () => {
+    expect(isObject(123)).toBeFalsy()
+  })
+})
+
+describe('isString', () => {
+  it('is true for `"hello"`', () => {
+    expect(isString('hello')).toBeTruthy()
+  })
+
+  it('is false for `123`', () => {
+    expect(isString(123)).toBeFalsy()
+  })
+})
diff --git a/packages/content-security-policy/api-docs/content-security-policy.config.directives.md b/packages/content-security-policy/api-docs/content-security-policy.config.directives.md
new file mode 100644
index 00000000..839dd7ad
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.config.directives.md
@@ -0,0 +1,11 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [Config](./content-security-policy.config.md) &gt; [directives](./content-security-policy.config.directives.md)
+
+## Config.directives property
+
+<b>Signature:</b>
+
+```typescript
+directives: Directives;
+```
diff --git a/packages/content-security-policy/api-docs/content-security-policy.config.md b/packages/content-security-policy/api-docs/content-security-policy.config.md
new file mode 100644
index 00000000..20e2606d
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.config.md
@@ -0,0 +1,20 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [Config](./content-security-policy.config.md)
+
+## Config interface
+
+
+<b>Signature:</b>
+
+```typescript
+export interface Config 
+```
+
+## Properties
+
+|  Property | Modifiers | Type | Description |
+|  --- | --- | --- | --- |
+|  [directives](./content-security-policy.config.directives.md) |  | [Directives](./content-security-policy.directives.md) |  |
+|  [patterns](./content-security-policy.config.patterns.md) |  | string\[\] |  |
+
diff --git a/packages/content-security-policy/api-docs/content-security-policy.config.patterns.md b/packages/content-security-policy/api-docs/content-security-policy.config.patterns.md
new file mode 100644
index 00000000..a37286fa
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.config.patterns.md
@@ -0,0 +1,11 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [Config](./content-security-policy.config.md) &gt; [patterns](./content-security-policy.config.patterns.md)
+
+## Config.patterns property
+
+<b>Signature:</b>
+
+```typescript
+patterns: string[];
+```
diff --git a/packages/content-security-policy/api-docs/content-security-policy.cspdirectives.md b/packages/content-security-policy/api-docs/content-security-policy.cspdirectives.md
new file mode 100644
index 00000000..185de0fd
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.cspdirectives.md
@@ -0,0 +1,12 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [cspDirectives](./content-security-policy.cspdirectives.md)
+
+## cspDirectives variable
+
+
+<b>Signature:</b>
+
+```typescript
+cspDirectives: ({ directives, patterns }: Config) => Promise<string[]>
+```
diff --git a/packages/content-security-policy/api-docs/content-security-policy.cspheader.md b/packages/content-security-policy/api-docs/content-security-policy.cspheader.md
new file mode 100644
index 00000000..a37a46ac
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.cspheader.md
@@ -0,0 +1,12 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [cspHeader](./content-security-policy.cspheader.md)
+
+## cspHeader variable
+
+
+<b>Signature:</b>
+
+```typescript
+cspHeader: ({ directives, patterns }: Config) => Promise<string>
+```
diff --git a/packages/content-security-policy/api-docs/content-security-policy.cspjson.md b/packages/content-security-policy/api-docs/content-security-policy.cspjson.md
new file mode 100644
index 00000000..8a65de83
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.cspjson.md
@@ -0,0 +1,12 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [cspJSON](./content-security-policy.cspjson.md)
+
+## cspJSON variable
+
+
+<b>Signature:</b>
+
+```typescript
+cspJSON: ({ directives, patterns }: Config) => Promise<{}>
+```
diff --git a/packages/content-security-policy/api-docs/content-security-policy.directives.md b/packages/content-security-policy/api-docs/content-security-policy.directives.md
new file mode 100644
index 00000000..a4c46b29
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.directives.md
@@ -0,0 +1,12 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [Directives](./content-security-policy.directives.md)
+
+## Directives interface
+
+
+<b>Signature:</b>
+
+```typescript
+export interface Directives 
+```
diff --git a/packages/content-security-policy/api-docs/content-security-policy.md b/packages/content-security-policy/api-docs/content-security-policy.md
new file mode 100644
index 00000000..0cd6631c
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.md
@@ -0,0 +1,25 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md)
+
+## content-security-policy package
+
+Entry point for the documentation of content-security-policy.
+
+## Interfaces
+
+|  Interface | Description |
+|  --- | --- |
+|  [Config](./content-security-policy.config.md) |  |
+|  [Directives](./content-security-policy.directives.md) |  |
+
+## Variables
+
+|  Variable | Description |
+|  --- | --- |
+|  [cspDirectives](./content-security-policy.cspdirectives.md) |  |
+|  [cspHeader](./content-security-policy.cspheader.md) |  |
+|  [cspJSON](./content-security-policy.cspjson.md) |  |
+|  [recommended\_policy](./content-security-policy.recommended_policy.md) | <p>Recommended policy for most sites.</p><p>Differences with the standard policy are the following ones: - font-src is set to 'self', to allow self-hosted fonts - frame-ancestors is set to 'none' - manifest-src is set to 'self', to allow a self-hosted web application manifest,so the website can be installed as Progressive Web App. Learn more: https://developer.mozilla.org/en-US/docs/Web/Manifest - object-src is set to 'none' as recommended here: https://csp.withgoogle.com/docs/strict-csp.html - prefetch-src is set to 'self, to allow prefetching content hosted on this origin - upgrade-insecure-requests is set to true, even if I am not sure it's really necessary, since it does NOT replace HSTS. Learn more: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests</p> |
+|  [starter\_policy](./content-security-policy.starter_policy.md) | This is the starter policy described here: https://content-security-policy.com/ |
+
diff --git a/packages/content-security-policy/api-docs/content-security-policy.recommended_policy.md b/packages/content-security-policy/api-docs/content-security-policy.recommended_policy.md
new file mode 100644
index 00000000..332786c0
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.recommended_policy.md
@@ -0,0 +1,29 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [recommended\_policy](./content-security-policy.recommended_policy.md)
+
+## recommended\_policy variable
+
+Recommended policy for most sites.
+
+Differences with the standard policy are the following ones: - font-src is set to 'self', to allow self-hosted fonts - frame-ancestors is set to 'none' - manifest-src is set to 'self', to allow a self-hosted web application manifest,so the website can be installed as Progressive Web App. Learn more: https://developer.mozilla.org/en-US/docs/Web/Manifest - object-src is set to 'none' as recommended here: https://csp.withgoogle.com/docs/strict-csp.html - prefetch-src is set to 'self, to allow prefetching content hosted on this origin - upgrade-insecure-requests is set to true, even if I am not sure it's really necessary, since it does NOT replace HSTS. Learn more: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests
+
+<b>Signature:</b>
+
+```typescript
+recommended_policy: {
+    'font-src': string[];
+    'frame-ancestors': string[];
+    'manifest-src': string[];
+    'object-src': string[];
+    'prefetch-src': string[];
+    'upgrade-insecure-requests': boolean;
+    'base-uri': string[];
+    'connect-src': string[];
+    'default-src': string[];
+    'form-action': string[];
+    'img-src': string[];
+    'script-src': string[];
+    'style-src': string[];
+}
+```
diff --git a/packages/content-security-policy/api-docs/content-security-policy.starter_policy.md b/packages/content-security-policy/api-docs/content-security-policy.starter_policy.md
new file mode 100644
index 00000000..afb95f8a
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.starter_policy.md
@@ -0,0 +1,21 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [starter\_policy](./content-security-policy.starter_policy.md)
+
+## starter\_policy variable
+
+This is the starter policy described here: https://content-security-policy.com/
+
+<b>Signature:</b>
+
+```typescript
+starter_policy: {
+    'base-uri': string[];
+    'connect-src': string[];
+    'default-src': string[];
+    'form-action': string[];
+    'img-src': string[];
+    'script-src': string[];
+    'style-src': string[];
+}
+```
diff --git a/packages/content-security-policy/api-docs/index.md b/packages/content-security-policy/api-docs/index.md
new file mode 100644
index 00000000..6707ad3d
--- /dev/null
+++ b/packages/content-security-policy/api-docs/index.md
@@ -0,0 +1,12 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md)
+
+## API Reference
+
+## Packages
+
+|  Package | Description |
+|  --- | --- |
+|  [@jackdbd/content-security-policy](./content-security-policy.md) | Entry point for the documentation of content-security-policy. |
+
diff --git a/packages/content-security-policy/api-extractor.json b/packages/content-security-policy/api-extractor.json
new file mode 100644
index 00000000..f22d9dd0
--- /dev/null
+++ b/packages/content-security-policy/api-extractor.json
@@ -0,0 +1,3 @@
+{
+  "extends": "../../config/api-extractor.json"
+}
diff --git a/packages/content-security-policy/package.json b/packages/content-security-policy/package.json
new file mode 100644
index 00000000..3ebe00c0
--- /dev/null
+++ b/packages/content-security-policy/package.json
@@ -0,0 +1,67 @@
+{
+  "name": "@jackdbd/content-security-policy",
+  "version": "0.0.0",
+  "description": "",
+  "author": {
+    "name": "Giacomo Debidda",
+    "email": "giacomo@giacomodebidda.com",
+    "url": "https://giacomodebidda.com/"
+  },
+  "license": "MIT",
+  "private": false,
+  "publishConfig": {
+    "access": "public"
+  },
+  "keywords": [],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/jackdbd/calderone"
+  },
+  "bugs": {
+    "url": "https://github.com/jackdbd/calderone/issues?q=is%3Aissue+label%3Abug"
+  },
+  "homepage": "https://github.com/jackdbd/calderone/tree/main/packages/content-security-policy#readme",
+  "engines": {
+    "node": ">=14.19.3"
+  },
+  "type": "module",
+  "module": "lib/index.js",
+  "typings": "lib/index.d.ts",
+  "exports": {
+    ".": "./lib/index.js",
+    "./package.json": "./package.json"
+  },
+  "typesVersions": {
+    "*": {}
+  },
+  "files": [
+    "CHANGELOG.md",
+    "api-docs",
+    "lib"
+  ],
+  "scripts": {
+    "build": "run-s 'build:ts' 'build:docs' --print-label",
+    "build:docs": "run-s 'docs:doctoc' 'docs:ae' 'docs:ad' 'docs:typedoc' --print-label",
+    "build:ts": "tsc -p tsconfig.json",
+    "clean": "../../scripts/clean.mjs",
+    "docs:ae": "../../scripts/api-extractor.mjs",
+    "docs:ad": "../../scripts/api-documenter.mjs",
+    "docs:doctoc": "doctoc --github README.md --title '<details><summary>Table of Contents</summary>'",
+    "docs:typedoc": "../../scripts/typedoc.mjs",
+    "format": "../../scripts/format.mjs",
+    "lint": "eslint --config ../../config/eslint.cjs",
+    "nuke": "npm run clean && rimraf node_modules 'package-lock.json'",
+    "precommit": "lint-staged --config ../../config/lint-staged.cjs",
+    "size": "pkg-size ./lib --sort-by=brotli --ignore-files {*.d.ts,*.map}",
+    "test": "../../scripts/test.mjs",
+    "test:ci": "../../scripts/test.mjs --ci",
+    "test:watch": "npm run test -- --watch"
+  },
+  "dependencies": {
+    "debug": "^4.3.4",
+    "himalaya": "^1.1.0",
+    "joi": "^17.6.1"
+  },
+  "peerDependencies": {},
+  "devDependencies": {}
+}
diff --git a/packages/content-security-policy/release.config.cjs b/packages/content-security-policy/release.config.cjs
new file mode 100644
index 00000000..e46c6f48
--- /dev/null
+++ b/packages/content-security-policy/release.config.cjs
@@ -0,0 +1,27 @@
+const base_config = require('../../config/semantic-release.cjs')
+
+// git commit message made by the semantic-relase bot //////////////////////////
+// This commit message should be different for each package.
+// The rest of the semantic-release configuration should stay the same.
+// https://github.com/semantic-release/git#message
+const message =
+  'chore(content-security-policy): release v.${nextRelease.version} [skip ci]\n\n${nextRelease.notes}'
+////////////////////////////////////////////////////////////////////////////////
+
+const git = [
+  '@semantic-release/git',
+  {
+    assets: ['CHANGELOG.md', 'package.json'],
+    message
+  }
+]
+
+const config = {
+  ...base_config,
+  branches: [...base_config.branches],
+  plugins: [...base_config.plugins, git]
+}
+
+// console.log('=== semantic-release (content-security-policy) ===', config)
+
+module.exports = config
diff --git a/packages/content-security-policy/src/csp-directives.ts b/packages/content-security-policy/src/csp-directives.ts
new file mode 100644
index 00000000..2f4c3219
--- /dev/null
+++ b/packages/content-security-policy/src/csp-directives.ts
@@ -0,0 +1,129 @@
+import makeDebug from 'debug'
+import { stringReplacer } from './utils.js'
+import {
+  cspSourceValuesStyleAttr,
+  cspSourceValuesScriptElem,
+  cspSourceValuesScriptAttr,
+  cspSourceValuesStyleElem
+} from './source-values.js'
+import type { Directives } from './directives.js'
+
+const debug = makeDebug('csp/csp-directives')
+
+/**
+ * @public
+ */
+export interface Config {
+  directives: Directives
+  patterns: string[]
+}
+
+/**
+ * @public
+ */
+export const cspDirectives = async ({ directives, patterns }: Config) => {
+  const m = { ...directives }
+
+  const [
+    script_src,
+    script_src_attr,
+    script_src_elem,
+    style_src,
+    style_src_attr,
+    style_src_elem
+  ] = await Promise.all([
+    cspSourceValuesScriptElem({
+      directive: 'script-src',
+      directives,
+      patterns
+    }),
+    cspSourceValuesScriptAttr({
+      directive: 'script-src-attr',
+      directives,
+      patterns
+    }),
+    cspSourceValuesScriptElem({
+      directive: 'script-src-elem',
+      directives,
+      patterns
+    }),
+    cspSourceValuesStyleElem({
+      directives,
+      directive: 'style-src',
+      patterns
+    }),
+    cspSourceValuesStyleAttr({
+      directives,
+      directive: 'style-src-attr',
+      patterns
+    }),
+    cspSourceValuesStyleElem({
+      directives,
+      directive: 'style-src-elem',
+      patterns
+    })
+  ])
+
+  if (script_src) {
+    m['script-src'] = script_src
+  }
+
+  if (script_src_attr) {
+    m['script-src-attr'] = script_src_attr
+  }
+
+  if (script_src_elem) {
+    m['script-src-elem'] = script_src_elem
+  }
+
+  if (style_src) {
+    m['style-src'] = style_src
+  }
+
+  if (style_src_attr) {
+    m['style-src-attr'] = style_src_attr
+  }
+
+  if (style_src_elem) {
+    m['style-src-elem'] = style_src_elem
+  }
+
+  const arr = Object.entries(m).map(([key, value]) => {
+    debug(`${key} %o`, value)
+    if ((value as any) === true) {
+      return key
+    }
+    const strings = (value as any).map(stringReplacer)
+    return `${key} ${strings.join(' ')}`
+  })
+  debug('CSP directives that represent the policy %O', arr)
+
+  return arr
+}
+
+/**
+ * @public
+ */
+export const cspHeader = async ({ directives, patterns }: Config) => {
+  const arr = await cspDirectives({
+    directives,
+    patterns
+  })
+
+  return arr.join('; ')
+}
+
+/**
+ * @public
+ */
+export const cspJSON = async ({ directives, patterns }: Config) => {
+  const arr = await cspDirectives({
+    directives,
+    patterns
+  })
+
+  return arr.reduce((acc, cv) => {
+    const [k, ...rest] = cv.split(' ')
+    return { ...acc, [k]: rest }
+  }, {})
+}
diff --git a/packages/content-security-policy/src/directives.ts b/packages/content-security-policy/src/directives.ts
new file mode 100644
index 00000000..0efa2043
--- /dev/null
+++ b/packages/content-security-policy/src/directives.ts
@@ -0,0 +1,92 @@
+export type DeprecatedDirectiveKey =
+  | 'block-all-mixed-content'
+  | 'plugin-types'
+  | 'referrer'
+  | 'report-uri'
+  | 'require-sri-for'
+
+export interface DeprecatedDirectiveValue {
+  hrefs: string[]
+  whatToDoInstead: string
+}
+
+export type DeprecatedDirectives = {
+  [key in DeprecatedDirectiveKey]: DeprecatedDirectiveValue
+}
+
+/**
+ * @see [Deprected directives - MDN web docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#deprecated_directives)
+ */
+export const deprecatedDirectives: DeprecatedDirectives = {
+  'block-all-mixed-content': {
+    hrefs: [
+      'https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/block-all-mixed-content'
+    ],
+    whatToDoInstead: 'use the upgrade-insecure-requests directive'
+  },
+  'plugin-types': {
+    hrefs: [
+      'https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/plugin-types'
+    ],
+    whatToDoInstead: 'use the object-src directive to disallow all plugins'
+  },
+  referrer: {
+    hrefs: [
+      'https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/referrer'
+    ],
+    whatToDoInstead: 'use the Referrer-Policy header'
+  },
+  'report-uri': {
+    hrefs: [
+      'https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri'
+    ],
+    whatToDoInstead: 'use the report-to directive'
+  },
+  'require-sri-for': {
+    hrefs: [
+      'https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/require-sri-for'
+    ],
+    whatToDoInstead: 'TODO: just drop it?'
+  }
+}
+
+export const deprecatedDirectivesSet = new Set(
+  Object.keys(deprecatedDirectives) // as DeprecatedDirectiveKey[]
+)
+
+export const supportedDirectivesSet = new Set([
+  'base-uri',
+  'child-src',
+  'connect-src',
+  'default-src',
+  'font-src',
+  'form-action',
+  'frame-ancestors',
+  'frame-src',
+  'img-src',
+  'manifest-src',
+  'media-src',
+  'navigate-to',
+  'object-src',
+  'prefetch-src',
+  'report-to',
+  'require-trusted-types-for',
+  'sandbox',
+  'script-src',
+  'script-src-attr',
+  'script-src-elem',
+  'source-values',
+  'style-src',
+  'style-src-attr',
+  'style-src-elem',
+  'trusted-types',
+  'upgrade-insecure-requests',
+  'worker-src'
+])
+
+/**
+ * @public
+ */
+export interface Directives {
+  [k: string]: string[]
+}
diff --git a/packages/content-security-policy/src/errors.ts b/packages/content-security-policy/src/errors.ts
new file mode 100644
index 00000000..48b24a6d
--- /dev/null
+++ b/packages/content-security-policy/src/errors.ts
@@ -0,0 +1,67 @@
+import { deprecatedDirectives } from './directives.js'
+import type { DeprecatedDirectiveKey } from './directives.js'
+
+/**
+ * @internal
+ */
+interface Config {
+  allowDeprecatedDirectives: boolean
+  error: any
+}
+
+/**
+ * @internal
+ */
+export const validationErrorOrWarnings = ({
+  allowDeprecatedDirectives,
+  error
+}: Config) => {
+  const detail = error.details[0]
+  const warnings: string[] = []
+
+  if (detail.path.length === 2) {
+    const directive = detail.path[1] as DeprecatedDirectiveKey
+
+    //   const value = detail.context.value
+    const deprecatedDirective = deprecatedDirectives[directive]
+
+    if (deprecatedDirective) {
+      const message = [
+        `CSP directive ${directive} is deprecated`,
+        `Instead, ${deprecatedDirective.whatToDoInstead}`,
+        `Learn more: ${deprecatedDirective.hrefs.join(' ')}`
+      ].join('. ')
+
+      if (allowDeprecatedDirectives) {
+        warnings.push(message)
+        return { warnings }
+      } else {
+        const tip = `Remove the deprecated directives, or set allowDeprecatedDirectives: true if you want to allow them.`
+        return {
+          error: new Error(`invalid configuration: ${message}. ${tip}`),
+          warnings
+        }
+      }
+    } else {
+      // This is an error about a CSP directives, but it's not related to a
+      // deprecated directive.
+      return {
+        error: new Error(`invalid configuration: ${error.message}`),
+        warnings
+      }
+    }
+  } else {
+    // This is an error about something else in the plugin configuration.
+    if (detail.context && detail.context.message) {
+      return {
+        error: new Error(`invalid configuration: ${detail.context.message}`),
+        warnings
+      }
+    } else {
+      return {
+        error: new Error(`invalid configuration: ${error.message}`),
+        warnings
+      }
+    }
+  }
+}
diff --git a/packages/content-security-policy/src/hash.ts b/packages/content-security-policy/src/hash.ts
new file mode 100644
index 00000000..c8a89f73
--- /dev/null
+++ b/packages/content-security-policy/src/hash.ts
@@ -0,0 +1,148 @@
+import { globby } from 'globby'
+import makeDebug from 'debug'
+import { scriptTagsContents, styleTagsContents } from './html-parser.js'
+import { contentHash, hashAlgorithmFromCspSourceValues } from './utils.js'
+
+const debug = makeDebug('csp/hash')
+
+export type DirectiveKey =
+  | 'script-src'
+  | 'script-src-attr'
+  | 'script-src-elem'
+  | 'style-src'
+  | 'style-src-attr'
+  | 'style-src-elem'
+
+export type CspSources = string[]
+
+export type HashAlgorithmMapConfig = {
+  [key in DirectiveKey]: string | undefined
+}
+
+/**
+ * Detects the hash algorithm to use for all CSP source values in a CSP directive.
+ * Different directives might use different hash algorithms.
+ */
+export const hashAlgorithmMap = (config: {
+  [k: string]: CspSources | undefined
+}) => {
+  const m: HashAlgorithmMapConfig = {
+    'script-src': undefined,
+    'script-src-attr': undefined,
+    'script-src-elem': undefined,
+    'style-src': undefined,
+    'style-src-attr': undefined,
+    'style-src-elem': undefined
+  }
+  const errors: any[] = []
+
+  const directives = Object.keys(m) as DirectiveKey[]
+
+  directives.forEach((directive) => {
+    const sources = config[directive]
+    if (sources) {
+      debug(
+        `CSP directive ${directive} specifies ${sources.length} CSP source value/s: %o`,
+        sources
+      )
+      const { value, error } = hashAlgorithmFromCspSourceValues(sources)
+      if (error) {
+        errors.push(error)
+      }
+      if (value) {
+        m[directive] = value
+      }
+    }
+  })
+
+  if (errors.length > 0) {
+    const message = [
+      `could not figure out which hash algorithms to use in Content-Security-Policy directives`,
+      ...errors.map((err) => err.message)
+    ].join('; ')
+    throw new Error(message)
+  }
+
+  return m
+}
+
+export enum Algorithm {
+  sha256 = 'sha256',
+  sha384 = 'sha384',
+  sha512 = 'sha512'
+}
+
+interface Config {
+  algorithm: Algorithm
+  patterns: string[]
+}
+
+interface UniqueHashesConfig extends Config {
+  parser: typeof scriptTagsContents | typeof styleTagsContents
+}
+
+/**
+ * @internal
+ */
+export const uniqueHashes = async ({
+  algorithm,
+  parser,
+  patterns
+}: UniqueHashesConfig) => {
+  const paths = await globby(patterns)
+
+  debug(
+    `Found ${paths.length} HTML ${
+      paths.length === 1 ? 'file' : 'files'
+    } matching these glob patterns %O`,
+    patterns
+  )
+
+  const promises = paths.map(async (filepath) => {
+    // contents in a single page
+    const contents: string[] = await parser(filepath)
+    // content hashes in a single page
+    return contents.map((content) => contentHash({ algorithm, content }))
+  })
+
+  // unflattened, with duplicates
+  const hashes = await Promise.all(promises)
+  // flattened, without duplicates
+  const hashesUnique = [...new Set(...hashes)]
+
+  debug(
+    ` ${hashesUnique.length} ${
+      hashesUnique.length === 1 ? `hash` : `unique hashes`
+    } computed from inlined content (across all pages).`
+  )
+
+  return hashesUnique
+}
+
+/**
+ * @internal
+ */
+export const hashesScriptSrcElem = async ({ algorithm, patterns }: Config) => {
+  return await uniqueHashes({
+    algorithm,
+    parser: scriptTagsContents,
+    patterns
+  })
+}
+
+/**
+ * @internal
+ */
+export const hashesStyleSrcElem = async ({ algorithm, patterns }: Config) => {
+  return await uniqueHashes({
+    algorithm,
+    parser: styleTagsContents,
+    patterns
+  })
+}
+
+/**
+ * @internal
+ */
+export const noHashSpecifiedMessage = (directive: string) =>
+  `CSP directive ${directive}: no hash algorithm specified. No hash will be generated. Return original CSP source values.`
diff --git a/packages/content-security-policy/src/html-parser.ts b/packages/content-security-policy/src/html-parser.ts
new file mode 100644
index 00000000..007a566f
--- /dev/null
+++ b/packages/content-security-policy/src/html-parser.ts
@@ -0,0 +1,103 @@
+import fs from 'node:fs'
+import util from 'node:util'
+import makeDebug from 'debug'
+import { parse, parseDefaults } from 'himalaya'
+// import type { HimalayaJson } from '../../../custom-types/himalaya/index.js'
+
+const debug = makeDebug('csp/html-parser')
+
+const readFileAsync = util.promisify(fs.readFile)
+
+interface HimalayaJson {
+  children: any[]
+  content: string
+  tagName: string
+  filter: (predicate: (x: any) => boolean) => any
+}
+
+const isHtml = (json: HimalayaJson) => json.tagName === 'html'
+
+const isHead = (json: HimalayaJson) => json.tagName === 'head'
+
+const children = (json: HimalayaJson) => json.children
+
+const isScriptTag = (json: HimalayaJson) => json.tagName === 'script'
+
+const isStyleTag = (json: HimalayaJson) => json.tagName === 'style'
+
+const content = (json: HimalayaJson) => json.content
+
+// for debugging
+// const tap = (json: HimalayaJson) => {
+//   console.log('=== Himalaya tap ===')
+//   console.log(json)
+//   return json
+// }
+
+const getScriptTagsContents = (json: HimalayaJson): string[] => {
+  // .map(tap)
+  return json
+    .filter(isHtml)
+    .flatMap(children)
+    .filter(isHead)
+    .flatMap(children)
+    .filter(isScriptTag)
+    .flatMap(children)
+    .map(content)
+}
+
+const getStyleTagsContents = (json: HimalayaJson): string[] => {
+  // .map(tap)
+  return json
+    .filter(isHtml)
+    .flatMap(children)
+    .filter(isHead)
+    .flatMap(children)
+    .filter(isStyleTag)
+    .flatMap(children)
+    .map(content)
+}
+
+/**
+ * Parses a HTML file and retrieves the content of all `<script>` tags in `<head>`.
+ *
+ * filepath is the fullpath to the HTML file to parse.
+ *
+ * @internal
+ */
+export const scriptTagsContents = async (filepath: string) => {
+  debug(`Look for <script> tags inlined in <head> in ${filepath}`)
+
+  let html: string
+  try {
+    html = await readFileAsync(filepath, { encoding: 'utf8' })
+    // https://github.com/andrejewski/himalaya/blob/master/text/ast-spec-v1.md
+    // https://github.com/andrejewski/himalaya/blob/f0b870011b84da362c863dc914157f30d4a603ac/src/index.js#L12
+  } catch (err: any) {
+    throw new Error(`Could not parse ${filepath}\n${err.message}`)
+  }
+
+  const json = parse(html, { ...parseDefaults, includePositions: false })
+  return getScriptTagsContents(json)
+}
+
+/**
+ * Parses a HTML file and retrieves the content of all `<style>` tags in `<head>`.
+ *
+ * filepath is the fullpath to the HTML file to parse.
+ *
+ * @internal
+ */
+export const styleTagsContents = async (filepath: string) => {
+  debug(`Look for <style> tags inlined in <head> in ${filepath}`)
+
+  let html: string
+  try {
+    html = await readFileAsync(filepath, { encoding: 'utf8' })
+  } catch (err: any) {
+    throw new Error(`Could not parse ${filepath}\n${err.message}`)
+  }
+
+  const json = parse(html, { ...parseDefaults, includePositions: false })
+  return getStyleTagsContents(json)
+}
diff --git a/packages/content-security-policy/src/index.ts b/packages/content-security-policy/src/index.ts
new file mode 100644
index 00000000..6d8c28fd
--- /dev/null
+++ b/packages/content-security-policy/src/index.ts
@@ -0,0 +1,9 @@
+/**
+ * Entry point for the documentation of content-security-policy.
+ *
+ * @packageDocumentation
+ */
+export { starter_policy, recommended_policy } from './policies.js'
+export { cspDirectives, cspHeader, cspJSON } from './csp-directives.js'
+export type { Config } from './csp-directives.js'
+export type { Directives } from './directives.js'
diff --git a/packages/content-security-policy/src/policies.ts b/packages/content-security-policy/src/policies.ts
new file mode 100644
index 00000000..1eb401b8
--- /dev/null
+++ b/packages/content-security-policy/src/policies.ts
@@ -0,0 +1,38 @@
+/**
+ * This is the starter policy described here:
+ * https://content-security-policy.com/
+ */
+export const starter_policy = {
+  'base-uri': ['self'],
+  'connect-src': ['self'],
+  'default-src': ['none'],
+  'form-action': ['self'],
+  'img-src': ['self'],
+  'script-src': ['self'],
+  'style-src': ['self']
+}
+
+/**
+ * Recommended policy for most sites.
+ *
+ * Differences with the standard policy are the following ones:
+ * - font-src is set to 'self', to allow self-hosted fonts
+ * - frame-ancestors is set to 'none'
+ * - manifest-src is set to 'self', to allow a self-hosted web application
+ *   manifest,so the website can be installed as Progressive Web App.
+ *   Learn more: https://developer.mozilla.org/en-US/docs/Web/Manifest
+ * - object-src is set to 'none' as recommended here: https://csp.withgoogle.com/docs/strict-csp.html
+ * - prefetch-src is set to 'self, to allow prefetching content hosted on this origin
+ * - upgrade-insecure-requests is set to true, even if I am not sure it's
+ *   really necessary, since it does NOT replace HSTS.
+ *   Learn more: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests
+ */
+export const recommended_policy = {
+  ...starter_policy,
+  'font-src': ['self'],
+  'frame-ancestors': ['none'],
+  'manifest-src': ['self'],
+  'object-src': ['none'],
+  'prefetch-src': ['self'],
+  'upgrade-insecure-requests': true
+}
diff --git a/packages/content-security-policy/src/schemas.ts b/packages/content-security-policy/src/schemas.ts
new file mode 100644
index 00000000..5daee95f
--- /dev/null
+++ b/packages/content-security-policy/src/schemas.ts
@@ -0,0 +1,169 @@
+import Joi from 'joi'
+
+// 2 is because top level domains have at least 2 characters
+const csp_host_source_with_no_protocol = Joi.string().pattern(
+  /^((?!https?).)+(.*\..{2,})$/,
+  {
+    name: 'host-with-no-protocol'
+  }
+)
+
+const csp_host_source_with_protocol = Joi.string().pattern(/^https?:\/\/.*$/, {
+  name: 'host-with-protocol'
+})
+
+const csp_hash_source_to_compute = Joi.valid('sha256', 'sha384', 'sha512')
+
+const csp_hash_source = Joi.string().pattern(/^sha-(256|384|512).*$/, {
+  name: '<hash-algorithm>-<base64-value>'
+})
+
+const csp_nonce_source = Joi.string().pattern(/^nonce-.*$/, {
+  name: 'nonce-<base64-value>'
+})
+
+export const csp_scheme_source = Joi.valid(
+  'http:',
+  'https:',
+  // data schemes are possible, but not recommended
+  'blob:',
+  'data:',
+  'filesystem:',
+  'mediastream:'
+)
+
+// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/Sources#sources
+// const csp_source_value = Joi.string().min(1)
+const csp_source_value = Joi.alternatives().try(
+  csp_host_source_with_no_protocol,
+  csp_host_source_with_protocol,
+  csp_scheme_source,
+  csp_hash_source_to_compute,
+  csp_hash_source,
+  csp_nonce_source,
+  Joi.valid(
+    'none',
+    'report-sample',
+    'self',
+    'strict-dynamic',
+    'unsafe-eval',
+    'unsafe-hashes',
+    'unsafe-inline'
+  )
+)
+
+// https://joi.dev/api/?v=17.6.0#arrayuniquecomparator-options
+const hashAlgorithmComparator = (a: string, b: string) => {
+  if (a === 'sha256' && (b === 'sha384' || b === 'sha512')) {
+    return true
+  }
+  if (a === 'sha384' && (b === 'sha256' || b === 'sha512')) {
+    return true
+  }
+  if (a === 'sha512' && (b === 'sha256' || b === 'sha384')) {
+    return true
+  }
+  return false
+}
+
+export const csp_source_values = Joi.array()
+  .items(csp_source_value)
+  .min(1)
+  .unique()
+  .unique(hashAlgorithmComparator)
+
+const glob_pattern = Joi.string().min(1)
+
+const glob_patterns = Joi.array().items(glob_pattern).min(1)
+
+// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-to
+const groupname = Joi.string().min(1)
+
+const groupnames = Joi.array().items(groupname).min(1)
+
+// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/require-trusted-types-for
+const require_trusted_types_for_value = Joi.string().valid('script')
+
+// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox
+const sandbox_value = Joi.string().valid(
+  'allow-downloads',
+  'allow-downloads-without-user-activation',
+  'allow-forms',
+  'allow-modals',
+  'allow-orientation-lock',
+  'allow-pointer-lock',
+  'allow-popups',
+  'allow-popups-to-escape-sandbox',
+  'allow-presentation',
+  'allow-same-origin',
+  'allow-scripts',
+  'allow-storage-access-by-user-activation',
+  'allow-top-navigation',
+  'allow-top-navigation-by-user-activation',
+  'allow-top-navigation-to-custom-protocol'
+)
+
+// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/trusted-types
+const trusted_types_value = Joi.string().min(1)
+
+export const defaultOptions = {
+  allowDeprecatedDirectives: false,
+  directives: {},
+  globPatterns: ['/', '/*/'],
+  globPatternsDetach: [],
+  excludePatterns: [],
+  includePatterns: ['/**/**.html'],
+  reportOnly: false
+}
+
+export const directives = Joi.object({
+  'base-uri': csp_source_values,
+  'child-src': csp_source_values,
+  'connect-src': csp_source_values,
+  'default-src': csp_source_values,
+  'font-src': csp_source_values,
+  'form-action': csp_source_values,
+  'frame-ancestors': csp_source_values,
+  'frame-src': csp_source_values,
+  'img-src': csp_source_values,
+  'manifest-src': csp_source_values,
+  'media-src': csp_source_values,
+  'navigate-to': csp_source_values,
+  'object-src': csp_source_values,
+  'prefetch-src': csp_source_values,
+  'report-to': groupnames,
+  'require-trusted-types-for': Joi.array()
+    .items(require_trusted_types_for_value)
+    .min(1),
+  sandbox: Joi.array().items(sandbox_value).min(1),
+  'script-src': csp_source_values,
+  'script-src-attr': csp_source_values,
+  'script-src-elem': csp_source_values,
+  'source-values': csp_source_values,
+  'style-src': csp_source_values,
+  'style-src-attr': csp_source_values,
+  'style-src-elem': csp_source_values,
+  'trusted-types': Joi.array().items(trusted_types_value).min(1),
+  // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests
+  'upgrade-insecure-requests': Joi.boolean(),
+  'worker-src': csp_source_values
+})
+
+export const pluginOptions = Joi.object().keys({
+  allowDeprecatedDirectives: Joi.boolean().default(
+    defaultOptions.allowDeprecatedDirectives
+  ),
+
+  directives: directives.default(defaultOptions.directives),
+
+  excludePatterns: glob_patterns.default(defaultOptions.excludePatterns),
+
+  globPatterns: glob_patterns.default(defaultOptions.globPatterns),
+
+  // https://developers.cloudflare.com/pages/platform/headers/#detach-a-header
+  globPatternsDetach: glob_patterns.default(defaultOptions.globPatternsDetach),
+
+  includePatterns: glob_patterns.default(defaultOptions.includePatterns),
+
+  reportOnly: Joi.boolean().default(defaultOptions.reportOnly)
+})
diff --git a/packages/content-security-policy/src/source-values.ts b/packages/content-security-policy/src/source-values.ts
new file mode 100644
index 00000000..caa84bf4
--- /dev/null
+++ b/packages/content-security-policy/src/source-values.ts
@@ -0,0 +1,154 @@
+import makeDebug from 'debug'
+import {
+  hashAlgorithmMap,
+  noHashSpecifiedMessage,
+  hashesScriptSrcElem,
+  hashesStyleSrcElem
+} from './hash.js'
+import type { Algorithm, DirectiveKey } from './hash.js'
+import type { Directives } from './directives.js'
+
+const debug = makeDebug('csp/source-values')
+
+interface CspSourceValuesConfigOne {
+  algorithm: Algorithm
+  hashes: string[]
+  values: string[]
+}
+
+/**
+ * @internal
+ */
+const cspSourceValues = ({
+  algorithm,
+  hashes,
+  values
+}: CspSourceValuesConfigOne) => {
+  const i = values.indexOf(algorithm)
+  if (i !== -1) {
+    debug(`Found ${algorithm} at index ${i}.`)
+    return [...values.slice(0, i), ...values.slice(i + 1), ...hashes]
+  } else {
+    return values
+  }
+}
+
+interface Config {
+  directive: DirectiveKey
+  directives: Directives
+  patterns: string[]
+}
+
+interface AlgorithmConfig {
+  directive: DirectiveKey
+  directives: Directives
+}
+
+const hashAlgorithm = ({ directive, directives }: AlgorithmConfig) => {
+  const hash_algo = hashAlgorithmMap(directives)
+  return hash_algo[directive] as Algorithm | undefined
+}
+
+/**
+ * @internal
+ */
+export const cspSourceValuesScriptAttr = async ({
+  directive,
+  directives
+}: Config) => {
+  const algorithm = hashAlgorithm({ directive, directives })
+
+  if (!algorithm) {
+    debug(noHashSpecifiedMessage(directive))
+    return directives[directive]
+  }
+
+  throw new Error(
+    `NOT IMPLEMENTED: content hash generation for the ${directive} CSP directive is currently not implemented. Use 'unsafe-hashes' instead.`
+  )
+}
+
+/**
+ * @internal
+ */
+export const cspSourceValuesScriptElem = async ({
+  directive,
+  directives,
+  patterns
+}: Config) => {
+  const algorithm = hashAlgorithm({ directive, directives })
+
+  if (!algorithm) {
+    debug(
+      `CSP directive ${directive}: no has algorithm specified. No hash will be generated. Return original CSP source values.`
+    )
+    return directives[directive]
+  }
+
+  debug(noHashSpecifiedMessage(directive))
+
+  const hashes = await hashesScriptSrcElem({
+    algorithm,
+    patterns
+  })
+
+  debug(`CSP directive ${directive}: allow hashes %O`, hashes)
+
+  return cspSourceValues({
+    algorithm,
+    hashes,
+    values: directives[directive]
+  })
+}
+
+/**
+ * @internal
+ */
+export const cspSourceValuesStyleAttr = async ({
+  directive,
+  directives
+}: Config) => {
+  const algorithm = hashAlgorithm({ directive, directives })
+
+  if (!algorithm) {
+    debug(noHashSpecifiedMessage(directive))
+    return directives[directive]
+  }
+
+  throw new Error(
+    `NOT IMPLEMENTED: content hash generation for the ${directive} CSP directive is currently not implemented. Use 'unsafe-inline' instead.`
+  )
+}
+
+/**
+ * @internal
+ */
+export const cspSourceValuesStyleElem = async ({
+  directive,
+  directives,
+  patterns
+}: Config) => {
+  const algorithm = hashAlgorithm({ directive, directives })
+
+  if (!algorithm) {
+    debug(noHashSpecifiedMessage(directive))
+    return directives[directive]
+  }
+
+  debug(
+    `CSP directive ${directive}: parse HTML and compute ${algorithm} hashes`
+  )
+
+  const hashes = await hashesStyleSrcElem({
+    algorithm,
+    patterns
+  })
+
+  debug(`CSP directive ${directive}: allow hashes %O`, hashes)
+
+  return cspSourceValues({
+    algorithm,
+    hashes,
+    values: directives[directive]
+  })
+}
diff --git a/packages/content-security-policy/src/utils.ts b/packages/content-security-policy/src/utils.ts
new file mode 100644
index 00000000..b5ab0bfb
--- /dev/null
+++ b/packages/content-security-policy/src/utils.ts
@@ -0,0 +1,95 @@
+import crypto from 'node:crypto'
+import makeDebug from 'debug'
+
+const debug = makeDebug('csp/utils')
+
+export const isBoolean = (val: any) => typeof val === 'boolean'
+
+export const isObject = (item: any) => {
+  return item && typeof item === 'object' && !Array.isArray(item)
+}
+
+export const isString = (item: any) => {
+  return item && (typeof item === 'string' || item instanceof String)
+}
+
+export const mergeDeep = (target: any, ...sources: any[]): any => {
+  if (!sources.length) {
+    return target
+  }
+  const source = sources.shift()
+  // debug(`merge SOURCE %O into TARGET %O`, source, target)
+
+  if (isObject(target) && isObject(source)) {
+    for (const key in source) {
+      if (isObject(source[key])) {
+        if (!target[key])
+          Object.assign(target, {
+            [key]: {}
+          })
+        mergeDeep(target[key], source[key])
+      } else {
+        Object.assign(target, {
+          [key]: source[key]
+        })
+      }
+    }
+  }
+
+  return mergeDeep(target, ...sources)
+}
+
+// https://bobbyhadz.com/blog/javascript-get-difference-between-two-sets
+export function diffBetweenSets(setA: Set<any>, setB: Set<any>) {
+  return new Set([...setA].filter((elem) => !setB.has(elem)))
+}
+
+export const stringReplacer = (s: string) => {
+  if (
+    s === 'none' ||
+    s === 'report-sample' ||
+    s === 'script' ||
+    s === 'self' ||
+    s === 'strict-dynamic' ||
+    s === 'unsafe-eval' ||
+    s === 'unsafe-hashes' ||
+    s === 'unsafe-inline' ||
+    s.startsWith('sha')
+  ) {
+    return s.replace(s, `'${s}'`)
+  } else {
+    return s
+  }
+}
+
+export const hashAlgorithmFromCspSourceValues = (arr: string[]) => {
+  const algorithms = arr.filter(
+    (s) => s === 'sha256' || s === 'sha384' || s === 'sha512'
+  )
+
+  debug(`Hash algorithms found: ${algorithms.join(', ')}`)
+
+  if (algorithms.length === 0) {
+    return { value: undefined, error: undefined }
+  } else if (algorithms.length === 1) {
+    return { value: algorithms[0], error: undefined }
+  } else {
+    return {
+      value: undefined,
+      error: new Error(
+        `multiple hash algorithms specified (${algorithms.join(', ')})`
+      )
+    }
+  }
+}
+
+interface ContentHashConfig {
+  algorithm: string
+  content: string
+}
+
+export const contentHash = ({ algorithm, content }: ContentHashConfig) => {
+  debug(`Compute ${algorithm}-hash from a string of length ${content.length}`)
+  const hasher = crypto.createHash(algorithm)
+  return `${algorithm}-${hasher.update(content, 'utf-8').digest('base64')}`
+}
diff --git a/packages/content-security-policy/tsconfig.json b/packages/content-security-policy/tsconfig.json
new file mode 100644
index 00000000..d90f8147
--- /dev/null
+++ b/packages/content-security-policy/tsconfig.json
@@ -0,0 +1,8 @@
+{
+  "extends": "../../config/tsconfig.nodejs-lib.json",
+  "compilerOptions": {
+    "outDir": "./lib",
+    "rootDir": "./src"
+  },
+  "include": ["./src/**/*.ts"]
+}
diff --git a/tsconfig.json b/tsconfig.json
index 7ab66581..1212d383 100644
--- a/tsconfig.json
+++ b/tsconfig.json
@@ -9,6 +9,9 @@
     {
       "path": "./packages/checks/tsconfig.json"
     },
+    {
+      "path": "./packages/content-security-policy/tsconfig.json"
+    },
     {
       "path": "./packages/utils/tsconfig.json"
     },

From 69b4eea523149e62ab3bc4726ac747594a340d34 Mon Sep 17 00:00:00 2001
From: semantic-release-bot <semantic-release-bot@martynus.net>
Date: Wed, 28 Sep 2022 16:02:36 +0000
Subject: [PATCH 02/15] chore(content-security-policy): release
 v.1.0.0-canary.1 [skip ci]

## @jackdbd/content-security-policy 1.0.0-canary.1 (2022-09-28)

### Features

* **content-security-policy:** add package ([454709f](https://github.com/jackdbd/calderone/commit/454709f7e84b1ee7c1880c5c7a25b4baff1ac199))
---
 packages/content-security-policy/CHANGELOG.md | 8 ++++++++
 packages/content-security-policy/package.json | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)
 create mode 100644 packages/content-security-policy/CHANGELOG.md

diff --git a/packages/content-security-policy/CHANGELOG.md b/packages/content-security-policy/CHANGELOG.md
new file mode 100644
index 00000000..73c4f4f5
--- /dev/null
+++ b/packages/content-security-policy/CHANGELOG.md
@@ -0,0 +1,8 @@
+# CHANGELOG
+
+## @jackdbd/content-security-policy 1.0.0-canary.1 (2022-09-28)
+
+
+### Features
+
+* **content-security-policy:** add package ([454709f](https://github.com/jackdbd/calderone/commit/454709f7e84b1ee7c1880c5c7a25b4baff1ac199))
diff --git a/packages/content-security-policy/package.json b/packages/content-security-policy/package.json
index 3ebe00c0..36fcff9a 100644
--- a/packages/content-security-policy/package.json
+++ b/packages/content-security-policy/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@jackdbd/content-security-policy",
-  "version": "0.0.0",
+  "version": "1.0.0-canary.1",
   "description": "",
   "author": {
     "name": "Giacomo Debidda",

From 2131f7a21540b1b9c2ac319b1d0a5dac3c297982 Mon Sep 17 00:00:00 2001
From: Giacomo Debidda <giacomo@giacomodebidda.com>
Date: Wed, 28 Sep 2022 18:29:34 +0200
Subject: [PATCH 03/15] fix(content-security-policy): add some exports that
 were missing

---
 docs/content-security-policy/assets/search.js |  2 +-
 .../functions/cspDirectives.html              |  6 +-
 .../functions/cspHeader.html                  |  6 +-
 .../functions/cspJSON.html                    |  6 +-
 .../functions/validationErrorOrWarnings.html  | 61 ++++++++++++++++
 docs/content-security-policy/index.html       |  4 +-
 .../interfaces/Config.html                    |  6 +-
 .../interfaces/Directives.html                |  6 +-
 .../ValidationErrorOrWarningsConfig.html      | 72 +++++++++++++++++++
 docs/content-security-policy/modules.html     |  6 +-
 .../variables/recommended_policy.html         |  6 +-
 .../variables/starter_policy.html             |  6 +-
 .../.ae/content-security-policy.api.md        | 17 +++++
 .../api-docs/content-security-policy.md       |  2 +
 ...curity-policy.validationerrororwarnings.md | 18 +++++
 ...arningsconfig.allowdeprecateddirectives.md | 11 +++
 ...y.validationerrororwarningsconfig.error.md | 11 +++
 ...-policy.validationerrororwarningsconfig.md | 20 ++++++
 packages/content-security-policy/package.json |  9 ++-
 .../content-security-policy/src/errors.ts     |  6 +-
 packages/content-security-policy/src/index.ts |  2 +
 packages/content-security-policy/src/utils.ts | 43 +++++------
 22 files changed, 277 insertions(+), 49 deletions(-)
 create mode 100644 docs/content-security-policy/functions/validationErrorOrWarnings.html
 create mode 100644 docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.validationerrororwarnings.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.allowdeprecateddirectives.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.error.md
 create mode 100644 packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.md

diff --git a/docs/content-security-policy/assets/search.js b/docs/content-security-policy/assets/search.js
index 71fdcf50..127526f8 100644
--- a/docs/content-security-policy/assets/search.js
+++ b/docs/content-security-policy/assets/search.js
@@ -1 +1 @@
-window.searchData = JSON.parse("{\"kinds\":{\"32\":\"Variable\",\"64\":\"Function\",\"256\":\"Interface\",\"1024\":\"Property\",\"65536\":\"Type literal\"},\"rows\":[{\"kind\":32,\"name\":\"starter_policy\",\"url\":\"variables/starter_policy.html\",\"classes\":\"tsd-kind-variable\"},{\"kind\":65536,\"name\":\"__type\",\"url\":\"variables/starter_policy.html#__type\",\"classes\":\"tsd-kind-type-literal tsd-parent-kind-variable\",\"parent\":\"starter_policy\"},{\"kind\":1024,\"name\":\"base-uri\",\"url\":\"variables/starter_policy.html#__type.base_uri\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"connect-src\",\"url\":\"variables/starter_policy.html#__type.connect_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"default-src\",\"url\":\"variables/starter_policy.html#__type.default_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"form-action\",\"url\":\"variables/starter_policy.html#__type.form_action\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"img-src\",\"url\":\"variables/starter_policy.html#__type.img_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"script-src\",\"url\":\"variables/starter_policy.html#__type.script_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"style-src\",\"url\":\"variables/starter_policy.html#__type.style_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":32,\"name\":\"recommended_policy\",\"url\":\"variables/recommended_policy.html\",\"classes\":\"tsd-kind-variable\"},{\"kind\":65536,\"name\":\"__type\",\"url\":\"variables/recommended_policy.html#__type\",\"classes\":\"tsd-kind-type-literal tsd-parent-kind-variable\",\"parent\":\"recommended_policy\"},{\"kind\":1024,\"name\":\"font-src\",\"url\":\"variables/recommended_policy.html#__type.font_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"frame-ancestors\",\"url\":\"variables/recommended_policy.html#__type.frame_ancestors\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"manifest-src\",\"url\":\"variables/recommended_policy.html#__type.manifest_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"object-src\",\"url\":\"variables/recommended_policy.html#__type.object_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"prefetch-src\",\"url\":\"variables/recommended_policy.html#__type.prefetch_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"upgrade-insecure-requests\",\"url\":\"variables/recommended_policy.html#__type.upgrade_insecure_requests\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"base-uri\",\"url\":\"variables/recommended_policy.html#__type.base_uri\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"connect-src\",\"url\":\"variables/recommended_policy.html#__type.connect_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"default-src\",\"url\":\"variables/recommended_policy.html#__type.default_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"form-action\",\"url\":\"variables/recommended_policy.html#__type.form_action\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"img-src\",\"url\":\"variables/recommended_policy.html#__type.img_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"script-src\",\"url\":\"variables/recommended_policy.html#__type.script_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"style-src\",\"url\":\"variables/recommended_policy.html#__type.style_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":64,\"name\":\"cspDirectives\",\"url\":\"functions/cspDirectives.html\",\"classes\":\"tsd-kind-function\"},{\"kind\":64,\"name\":\"cspHeader\",\"url\":\"functions/cspHeader.html\",\"classes\":\"tsd-kind-function\"},{\"kind\":64,\"name\":\"cspJSON\",\"url\":\"functions/cspJSON.html\",\"classes\":\"tsd-kind-function\"},{\"kind\":256,\"name\":\"Config\",\"url\":\"interfaces/Config.html\",\"classes\":\"tsd-kind-interface\"},{\"kind\":1024,\"name\":\"directives\",\"url\":\"interfaces/Config.html#directives\",\"classes\":\"tsd-kind-property tsd-parent-kind-interface\",\"parent\":\"Config\"},{\"kind\":1024,\"name\":\"patterns\",\"url\":\"interfaces/Config.html#patterns\",\"classes\":\"tsd-kind-property tsd-parent-kind-interface\",\"parent\":\"Config\"},{\"kind\":256,\"name\":\"Directives\",\"url\":\"interfaces/Directives.html\",\"classes\":\"tsd-kind-interface\"}],\"index\":{\"version\":\"2.3.9\",\"fields\":[\"name\",\"comment\"],\"fieldVectors\":[[\"name/0\",[0,36.659]],[\"comment/0\",[]],[\"name/1\",[1,30.54]],[\"comment/1\",[]],[\"name/2\",[2,23.635,3,23.635]],[\"comment/2\",[]],[\"name/3\",[4,23.635,5,7.339]],[\"comment/3\",[]],[\"name/4\",[5,7.339,6,23.635]],[\"comment/4\",[]],[\"name/5\",[7,23.635,8,23.635]],[\"comment/5\",[]],[\"name/6\",[5,7.339,9,23.635]],[\"comment/6\",[]],[\"name/7\",[5,7.339,10,23.635]],[\"comment/7\",[]],[\"name/8\",[5,7.339,11,23.635]],[\"comment/8\",[]],[\"name/9\",[12,36.659]],[\"comment/9\",[]],[\"name/10\",[1,30.54]],[\"comment/10\",[]],[\"name/11\",[5,7.339,13,28.371]],[\"comment/11\",[]],[\"name/12\",[14,28.371,15,28.371]],[\"comment/12\",[]],[\"name/13\",[5,7.339,16,28.371]],[\"comment/13\",[]],[\"name/14\",[5,7.339,17,28.371]],[\"comment/14\",[]],[\"name/15\",[5,7.339,18,28.371]],[\"comment/15\",[]],[\"name/16\",[19,23.139,20,23.139,21,23.139]],[\"comment/16\",[]],[\"name/17\",[2,23.635,3,23.635]],[\"comment/17\",[]],[\"name/18\",[4,23.635,5,7.339]],[\"comment/18\",[]],[\"name/19\",[5,7.339,6,23.635]],[\"comment/19\",[]],[\"name/20\",[7,23.635,8,23.635]],[\"comment/20\",[]],[\"name/21\",[5,7.339,9,23.635]],[\"comment/21\",[]],[\"name/22\",[5,7.339,10,23.635]],[\"comment/22\",[]],[\"name/23\",[5,7.339,11,23.635]],[\"comment/23\",[]],[\"name/24\",[22,36.659]],[\"comment/24\",[]],[\"name/25\",[23,36.659]],[\"comment/25\",[]],[\"name/26\",[24,36.659]],[\"comment/26\",[]],[\"name/27\",[25,36.659]],[\"comment/27\",[]],[\"name/28\",[26,30.54]],[\"comment/28\",[]],[\"name/29\",[27,36.659]],[\"comment/29\",[]],[\"name/30\",[26,30.54]],[\"comment/30\",[]]],\"invertedIndex\":[[\"__type\",{\"_index\":1,\"name\":{\"1\":{},\"10\":{}},\"comment\":{}}],[\"action\",{\"_index\":8,\"name\":{\"5\":{},\"20\":{}},\"comment\":{}}],[\"ancestors\",{\"_index\":15,\"name\":{\"12\":{}},\"comment\":{}}],[\"base\",{\"_index\":2,\"name\":{\"2\":{},\"17\":{}},\"comment\":{}}],[\"config\",{\"_index\":25,\"name\":{\"27\":{}},\"comment\":{}}],[\"connect\",{\"_index\":4,\"name\":{\"3\":{},\"18\":{}},\"comment\":{}}],[\"cspdirectives\",{\"_index\":22,\"name\":{\"24\":{}},\"comment\":{}}],[\"cspheader\",{\"_index\":23,\"name\":{\"25\":{}},\"comment\":{}}],[\"cspjson\",{\"_index\":24,\"name\":{\"26\":{}},\"comment\":{}}],[\"default\",{\"_index\":6,\"name\":{\"4\":{},\"19\":{}},\"comment\":{}}],[\"directives\",{\"_index\":26,\"name\":{\"28\":{},\"30\":{}},\"comment\":{}}],[\"font\",{\"_index\":13,\"name\":{\"11\":{}},\"comment\":{}}],[\"form\",{\"_index\":7,\"name\":{\"5\":{},\"20\":{}},\"comment\":{}}],[\"frame\",{\"_index\":14,\"name\":{\"12\":{}},\"comment\":{}}],[\"img\",{\"_index\":9,\"name\":{\"6\":{},\"21\":{}},\"comment\":{}}],[\"insecure\",{\"_index\":20,\"name\":{\"16\":{}},\"comment\":{}}],[\"manifest\",{\"_index\":16,\"name\":{\"13\":{}},\"comment\":{}}],[\"object\",{\"_index\":17,\"name\":{\"14\":{}},\"comment\":{}}],[\"patterns\",{\"_index\":27,\"name\":{\"29\":{}},\"comment\":{}}],[\"prefetch\",{\"_index\":18,\"name\":{\"15\":{}},\"comment\":{}}],[\"recommended_policy\",{\"_index\":12,\"name\":{\"9\":{}},\"comment\":{}}],[\"requests\",{\"_index\":21,\"name\":{\"16\":{}},\"comment\":{}}],[\"script\",{\"_index\":10,\"name\":{\"7\":{},\"22\":{}},\"comment\":{}}],[\"src\",{\"_index\":5,\"name\":{\"3\":{},\"4\":{},\"6\":{},\"7\":{},\"8\":{},\"11\":{},\"13\":{},\"14\":{},\"15\":{},\"18\":{},\"19\":{},\"21\":{},\"22\":{},\"23\":{}},\"comment\":{}}],[\"starter_policy\",{\"_index\":0,\"name\":{\"0\":{}},\"comment\":{}}],[\"style\",{\"_index\":11,\"name\":{\"8\":{},\"23\":{}},\"comment\":{}}],[\"upgrade\",{\"_index\":19,\"name\":{\"16\":{}},\"comment\":{}}],[\"uri\",{\"_index\":3,\"name\":{\"2\":{},\"17\":{}},\"comment\":{}}]],\"pipeline\":[]}}");
\ No newline at end of file
+window.searchData = JSON.parse("{\"kinds\":{\"32\":\"Variable\",\"64\":\"Function\",\"256\":\"Interface\",\"1024\":\"Property\",\"65536\":\"Type literal\"},\"rows\":[{\"kind\":32,\"name\":\"starter_policy\",\"url\":\"variables/starter_policy.html\",\"classes\":\"tsd-kind-variable\"},{\"kind\":65536,\"name\":\"__type\",\"url\":\"variables/starter_policy.html#__type\",\"classes\":\"tsd-kind-type-literal tsd-parent-kind-variable\",\"parent\":\"starter_policy\"},{\"kind\":1024,\"name\":\"base-uri\",\"url\":\"variables/starter_policy.html#__type.base_uri\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"connect-src\",\"url\":\"variables/starter_policy.html#__type.connect_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"default-src\",\"url\":\"variables/starter_policy.html#__type.default_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"form-action\",\"url\":\"variables/starter_policy.html#__type.form_action\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"img-src\",\"url\":\"variables/starter_policy.html#__type.img_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"script-src\",\"url\":\"variables/starter_policy.html#__type.script_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":1024,\"name\":\"style-src\",\"url\":\"variables/starter_policy.html#__type.style_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"starter_policy.__type\"},{\"kind\":32,\"name\":\"recommended_policy\",\"url\":\"variables/recommended_policy.html\",\"classes\":\"tsd-kind-variable\"},{\"kind\":65536,\"name\":\"__type\",\"url\":\"variables/recommended_policy.html#__type\",\"classes\":\"tsd-kind-type-literal tsd-parent-kind-variable\",\"parent\":\"recommended_policy\"},{\"kind\":1024,\"name\":\"font-src\",\"url\":\"variables/recommended_policy.html#__type.font_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"frame-ancestors\",\"url\":\"variables/recommended_policy.html#__type.frame_ancestors\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"manifest-src\",\"url\":\"variables/recommended_policy.html#__type.manifest_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"object-src\",\"url\":\"variables/recommended_policy.html#__type.object_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"prefetch-src\",\"url\":\"variables/recommended_policy.html#__type.prefetch_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"upgrade-insecure-requests\",\"url\":\"variables/recommended_policy.html#__type.upgrade_insecure_requests\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"base-uri\",\"url\":\"variables/recommended_policy.html#__type.base_uri\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"connect-src\",\"url\":\"variables/recommended_policy.html#__type.connect_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"default-src\",\"url\":\"variables/recommended_policy.html#__type.default_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"form-action\",\"url\":\"variables/recommended_policy.html#__type.form_action\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"img-src\",\"url\":\"variables/recommended_policy.html#__type.img_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"script-src\",\"url\":\"variables/recommended_policy.html#__type.script_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":1024,\"name\":\"style-src\",\"url\":\"variables/recommended_policy.html#__type.style_src\",\"classes\":\"tsd-kind-property tsd-parent-kind-type-literal\",\"parent\":\"recommended_policy.__type\"},{\"kind\":64,\"name\":\"cspDirectives\",\"url\":\"functions/cspDirectives.html\",\"classes\":\"tsd-kind-function\"},{\"kind\":64,\"name\":\"cspHeader\",\"url\":\"functions/cspHeader.html\",\"classes\":\"tsd-kind-function\"},{\"kind\":64,\"name\":\"cspJSON\",\"url\":\"functions/cspJSON.html\",\"classes\":\"tsd-kind-function\"},{\"kind\":256,\"name\":\"Config\",\"url\":\"interfaces/Config.html\",\"classes\":\"tsd-kind-interface\"},{\"kind\":1024,\"name\":\"directives\",\"url\":\"interfaces/Config.html#directives\",\"classes\":\"tsd-kind-property tsd-parent-kind-interface\",\"parent\":\"Config\"},{\"kind\":1024,\"name\":\"patterns\",\"url\":\"interfaces/Config.html#patterns\",\"classes\":\"tsd-kind-property tsd-parent-kind-interface\",\"parent\":\"Config\"},{\"kind\":256,\"name\":\"Directives\",\"url\":\"interfaces/Directives.html\",\"classes\":\"tsd-kind-interface\"},{\"kind\":64,\"name\":\"validationErrorOrWarnings\",\"url\":\"functions/validationErrorOrWarnings.html\",\"classes\":\"tsd-kind-function\"},{\"kind\":256,\"name\":\"ValidationErrorOrWarningsConfig\",\"url\":\"interfaces/ValidationErrorOrWarningsConfig.html\",\"classes\":\"tsd-kind-interface\"},{\"kind\":1024,\"name\":\"allowDeprecatedDirectives\",\"url\":\"interfaces/ValidationErrorOrWarningsConfig.html#allowDeprecatedDirectives\",\"classes\":\"tsd-kind-property tsd-parent-kind-interface\",\"parent\":\"ValidationErrorOrWarningsConfig\"},{\"kind\":1024,\"name\":\"error\",\"url\":\"interfaces/ValidationErrorOrWarningsConfig.html#error\",\"classes\":\"tsd-kind-property tsd-parent-kind-interface\",\"parent\":\"ValidationErrorOrWarningsConfig\"}],\"index\":{\"version\":\"2.3.9\",\"fields\":[\"name\",\"comment\"],\"fieldVectors\":[[\"name/0\",[0,37.539]],[\"comment/0\",[]],[\"name/1\",[1,31.506]],[\"comment/1\",[]],[\"name/2\",[2,24.198,3,24.198]],[\"comment/2\",[]],[\"name/3\",[4,24.198,5,8.25]],[\"comment/3\",[]],[\"name/4\",[5,8.25,6,24.198]],[\"comment/4\",[]],[\"name/5\",[7,24.198,8,24.198]],[\"comment/5\",[]],[\"name/6\",[5,8.25,9,24.198]],[\"comment/6\",[]],[\"name/7\",[5,8.25,10,24.198]],[\"comment/7\",[]],[\"name/8\",[5,8.25,11,24.198]],[\"comment/8\",[]],[\"name/9\",[12,37.539]],[\"comment/9\",[]],[\"name/10\",[1,31.506]],[\"comment/10\",[]],[\"name/11\",[5,8.25,13,28.832]],[\"comment/11\",[]],[\"name/12\",[14,28.832,15,28.832]],[\"comment/12\",[]],[\"name/13\",[5,8.25,16,28.832]],[\"comment/13\",[]],[\"name/14\",[5,8.25,17,28.832]],[\"comment/14\",[]],[\"name/15\",[5,8.25,18,28.832]],[\"comment/15\",[]],[\"name/16\",[19,23.403,20,23.403,21,23.403]],[\"comment/16\",[]],[\"name/17\",[2,24.198,3,24.198]],[\"comment/17\",[]],[\"name/18\",[4,24.198,5,8.25]],[\"comment/18\",[]],[\"name/19\",[5,8.25,6,24.198]],[\"comment/19\",[]],[\"name/20\",[7,24.198,8,24.198]],[\"comment/20\",[]],[\"name/21\",[5,8.25,9,24.198]],[\"comment/21\",[]],[\"name/22\",[5,8.25,10,24.198]],[\"comment/22\",[]],[\"name/23\",[5,8.25,11,24.198]],[\"comment/23\",[]],[\"name/24\",[22,37.539]],[\"comment/24\",[]],[\"name/25\",[23,37.539]],[\"comment/25\",[]],[\"name/26\",[24,37.539]],[\"comment/26\",[]],[\"name/27\",[25,37.539]],[\"comment/27\",[]],[\"name/28\",[26,31.506]],[\"comment/28\",[]],[\"name/29\",[27,37.539]],[\"comment/29\",[]],[\"name/30\",[26,31.506]],[\"comment/30\",[]],[\"name/31\",[28,37.539]],[\"comment/31\",[]],[\"name/32\",[29,37.539]],[\"comment/32\",[]],[\"name/33\",[30,37.539]],[\"comment/33\",[]],[\"name/34\",[31,37.539]],[\"comment/34\",[]]],\"invertedIndex\":[[\"__type\",{\"_index\":1,\"name\":{\"1\":{},\"10\":{}},\"comment\":{}}],[\"action\",{\"_index\":8,\"name\":{\"5\":{},\"20\":{}},\"comment\":{}}],[\"allowdeprecateddirectives\",{\"_index\":30,\"name\":{\"33\":{}},\"comment\":{}}],[\"ancestors\",{\"_index\":15,\"name\":{\"12\":{}},\"comment\":{}}],[\"base\",{\"_index\":2,\"name\":{\"2\":{},\"17\":{}},\"comment\":{}}],[\"config\",{\"_index\":25,\"name\":{\"27\":{}},\"comment\":{}}],[\"connect\",{\"_index\":4,\"name\":{\"3\":{},\"18\":{}},\"comment\":{}}],[\"cspdirectives\",{\"_index\":22,\"name\":{\"24\":{}},\"comment\":{}}],[\"cspheader\",{\"_index\":23,\"name\":{\"25\":{}},\"comment\":{}}],[\"cspjson\",{\"_index\":24,\"name\":{\"26\":{}},\"comment\":{}}],[\"default\",{\"_index\":6,\"name\":{\"4\":{},\"19\":{}},\"comment\":{}}],[\"directives\",{\"_index\":26,\"name\":{\"28\":{},\"30\":{}},\"comment\":{}}],[\"error\",{\"_index\":31,\"name\":{\"34\":{}},\"comment\":{}}],[\"font\",{\"_index\":13,\"name\":{\"11\":{}},\"comment\":{}}],[\"form\",{\"_index\":7,\"name\":{\"5\":{},\"20\":{}},\"comment\":{}}],[\"frame\",{\"_index\":14,\"name\":{\"12\":{}},\"comment\":{}}],[\"img\",{\"_index\":9,\"name\":{\"6\":{},\"21\":{}},\"comment\":{}}],[\"insecure\",{\"_index\":20,\"name\":{\"16\":{}},\"comment\":{}}],[\"manifest\",{\"_index\":16,\"name\":{\"13\":{}},\"comment\":{}}],[\"object\",{\"_index\":17,\"name\":{\"14\":{}},\"comment\":{}}],[\"patterns\",{\"_index\":27,\"name\":{\"29\":{}},\"comment\":{}}],[\"prefetch\",{\"_index\":18,\"name\":{\"15\":{}},\"comment\":{}}],[\"recommended_policy\",{\"_index\":12,\"name\":{\"9\":{}},\"comment\":{}}],[\"requests\",{\"_index\":21,\"name\":{\"16\":{}},\"comment\":{}}],[\"script\",{\"_index\":10,\"name\":{\"7\":{},\"22\":{}},\"comment\":{}}],[\"src\",{\"_index\":5,\"name\":{\"3\":{},\"4\":{},\"6\":{},\"7\":{},\"8\":{},\"11\":{},\"13\":{},\"14\":{},\"15\":{},\"18\":{},\"19\":{},\"21\":{},\"22\":{},\"23\":{}},\"comment\":{}}],[\"starter_policy\",{\"_index\":0,\"name\":{\"0\":{}},\"comment\":{}}],[\"style\",{\"_index\":11,\"name\":{\"8\":{},\"23\":{}},\"comment\":{}}],[\"upgrade\",{\"_index\":19,\"name\":{\"16\":{}},\"comment\":{}}],[\"uri\",{\"_index\":3,\"name\":{\"2\":{},\"17\":{}},\"comment\":{}}],[\"validationerrororwarnings\",{\"_index\":28,\"name\":{\"31\":{}},\"comment\":{}}],[\"validationerrororwarningsconfig\",{\"_index\":29,\"name\":{\"32\":{}},\"comment\":{}}]],\"pipeline\":[]}}");
\ No newline at end of file
diff --git a/docs/content-security-policy/functions/cspDirectives.html b/docs/content-security-policy/functions/cspDirectives.html
index 9a75eddd..24f0a6a9 100644
--- a/docs/content-security-policy/functions/cspDirectives.html
+++ b/docs/content-security-policy/functions/cspDirectives.html
@@ -24,7 +24,7 @@ <h4 class="tsd-parameters-title">Parameters</h4>
 <h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
 <h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
 <ul>
-<li>Defined in csp-directives.ts:24</li></ul></aside></li></ul></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L24">csp-directives.ts:24</a></li></ul></aside></li></ul></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
@@ -49,11 +49,13 @@ <h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.9389
 <ul>
 <li class="tsd-kind-interface"><a href="../interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
 <li class="tsd-kind-interface"><a href="../interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Validation<wbr/>Error<wbr/>Or<wbr/>Warnings<wbr/>Config</a></li>
 <li class="tsd-kind-variable"><a href="../variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
 <li class="tsd-kind-variable"><a href="../variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
 <li class="current tsd-kind-function"><a href="cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
 <li class="tsd-kind-function"><a href="cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
-<li class="tsd-kind-function"><a href="cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<li class="tsd-kind-function"><a href="cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li>
+<li class="tsd-kind-function"><a href="validationErrorOrWarnings.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>validation<wbr/>Error<wbr/>Or<wbr/>Warnings</a></li></ul></nav></div></div>
 <div class="container tsd-generator">
 <p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
 <div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/functions/cspHeader.html b/docs/content-security-policy/functions/cspHeader.html
index 6220def2..e1144fa6 100644
--- a/docs/content-security-policy/functions/cspHeader.html
+++ b/docs/content-security-policy/functions/cspHeader.html
@@ -24,7 +24,7 @@ <h4 class="tsd-parameters-title">Parameters</h4>
 <h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
 <h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
 <ul>
-<li>Defined in csp-directives.ts:107</li></ul></aside></li></ul></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L107">csp-directives.ts:107</a></li></ul></aside></li></ul></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
@@ -49,11 +49,13 @@ <h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.9389
 <ul>
 <li class="tsd-kind-interface"><a href="../interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
 <li class="tsd-kind-interface"><a href="../interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Validation<wbr/>Error<wbr/>Or<wbr/>Warnings<wbr/>Config</a></li>
 <li class="tsd-kind-variable"><a href="../variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
 <li class="tsd-kind-variable"><a href="../variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
 <li class="tsd-kind-function"><a href="cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
 <li class="current tsd-kind-function"><a href="cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
-<li class="tsd-kind-function"><a href="cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<li class="tsd-kind-function"><a href="cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li>
+<li class="tsd-kind-function"><a href="validationErrorOrWarnings.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>validation<wbr/>Error<wbr/>Or<wbr/>Warnings</a></li></ul></nav></div></div>
 <div class="container tsd-generator">
 <p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
 <div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/functions/cspJSON.html b/docs/content-security-policy/functions/cspJSON.html
index d2a98974..db90c4aa 100644
--- a/docs/content-security-policy/functions/cspJSON.html
+++ b/docs/content-security-policy/functions/cspJSON.html
@@ -24,7 +24,7 @@ <h4 class="tsd-parameters-title">Parameters</h4>
 <h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
 <h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-symbol">{}</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
 <ul>
-<li>Defined in csp-directives.ts:119</li></ul></aside></li></ul></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L119">csp-directives.ts:119</a></li></ul></aside></li></ul></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
@@ -49,11 +49,13 @@ <h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.9389
 <ul>
 <li class="tsd-kind-interface"><a href="../interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
 <li class="tsd-kind-interface"><a href="../interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Validation<wbr/>Error<wbr/>Or<wbr/>Warnings<wbr/>Config</a></li>
 <li class="tsd-kind-variable"><a href="../variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
 <li class="tsd-kind-variable"><a href="../variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
 <li class="tsd-kind-function"><a href="cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
 <li class="tsd-kind-function"><a href="cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
-<li class="current tsd-kind-function"><a href="cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<li class="current tsd-kind-function"><a href="cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li>
+<li class="tsd-kind-function"><a href="validationErrorOrWarnings.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>validation<wbr/>Error<wbr/>Or<wbr/>Warnings</a></li></ul></nav></div></div>
 <div class="container tsd-generator">
 <p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
 <div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/functions/validationErrorOrWarnings.html b/docs/content-security-policy/functions/validationErrorOrWarnings.html
new file mode 100644
index 00000000..66598671
--- /dev/null
+++ b/docs/content-security-policy/functions/validationErrorOrWarnings.html
@@ -0,0 +1,61 @@
+<!DOCTYPE html><html class="default" lang="en"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="IE=edge"/><title>validationErrorOrWarnings | @jackdbd/content-security-policy</title><meta name="description" content="Documentation for @jackdbd/content-security-policy"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="../assets/style.css"/><link rel="stylesheet" href="../assets/highlight.css"/><script async src="../assets/search.js" id="search-script"></script></head><body><script>document.documentElement.dataset.theme = localStorage.getItem("tsd-theme") || "os"</script><header class="tsd-page-toolbar">
+<div class="tsd-toolbar-contents container">
+<div class="table-cell" id="tsd-search" data-base="..">
+<div class="field"><label for="tsd-search-field" class="tsd-widget search no-caption"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M15.7824 13.833L12.6666 10.7177C12.5259 10.5771 12.3353 10.499 12.1353 10.499H11.6259C12.4884 9.39596 13.001 8.00859 13.001 6.49937C13.001 2.90909 10.0914 0 6.50048 0C2.90959 0 0 2.90909 0 6.49937C0 10.0896 2.90959 12.9987 6.50048 12.9987C8.00996 12.9987 9.39756 12.4863 10.5008 11.6239V12.1332C10.5008 12.3332 10.5789 12.5238 10.7195 12.6644L13.8354 15.7797C14.1292 16.0734 14.6042 16.0734 14.8948 15.7797L15.7793 14.8954C16.0731 14.6017 16.0731 14.1267 15.7824 13.833ZM6.50048 10.499C4.29094 10.499 2.50018 8.71165 2.50018 6.49937C2.50018 4.29021 4.28781 2.49976 6.50048 2.49976C8.71001 2.49976 10.5008 4.28708 10.5008 6.49937C10.5008 8.70852 8.71314 10.499 6.50048 10.499Z" fill="var(--color-text)"></path></svg></label><input type="text" id="tsd-search-field" aria-label="Search"/></div>
+<ul class="results">
+<li class="state loading">Preparing search index...</li>
+<li class="state failure">The search index is not available</li></ul><a href="../index.html" class="title">@jackdbd/content-security-policy</a></div>
+<div class="table-cell" id="tsd-widgets"><a href="#" class="tsd-widget menu no-caption" data-toggle="menu" aria-label="Menu"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><rect x="1" y="3" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="7" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="11" width="14" height="2" fill="var(--color-text)"></rect></svg></a></div></div></header>
+<div class="container container-main">
+<div class="col-8 col-content">
+<div class="tsd-page-title">
+<ul class="tsd-breadcrumb">
+<li><a href="../modules.html">@jackdbd/content-security-policy</a></li>
+<li><a href="validationErrorOrWarnings.html">validationErrorOrWarnings</a></li></ul>
+<h1>Function validationErrorOrWarnings</h1></div>
+<section class="tsd-panel">
+<ul class="tsd-signatures tsd-kind-function">
+<li class="tsd-signature tsd-anchor-link" id="validationErrorOrWarnings">validation<wbr/>Error<wbr/>Or<wbr/>Warnings<span class="tsd-signature-symbol">(</span>__namedParameters<span class="tsd-signature-symbol">: </span><a href="../interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-signature-type" data-tsd-kind="Interface">ValidationErrorOrWarningsConfig</a><span class="tsd-signature-symbol">)</span><span class="tsd-signature-symbol">: </span><span class="tsd-signature-symbol">{ </span>error<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">undefined</span><span class="tsd-signature-symbol">; </span>warnings<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol"> }</span><span class="tsd-signature-symbol"> | </span><span class="tsd-signature-symbol">{ </span>error<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">Error</span><span class="tsd-signature-symbol">; </span>warnings<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol"> }</span><a href="#validationErrorOrWarnings" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none" id="icon-anchor-a"></path><path d="M10 14a3.5 3.5 0 0 0 5 0l4 -4a3.5 3.5 0 0 0 -5 -5l-.5 .5" id="icon-anchor-b"></path><path d="M14 10a3.5 3.5 0 0 0 -5 0l-4 4a3.5 3.5 0 0 0 5 5l.5 -.5" id="icon-anchor-c"></path></svg></a></li>
+<li class="tsd-description">
+<div class="tsd-parameters">
+<h4 class="tsd-parameters-title">Parameters</h4>
+<ul class="tsd-parameter-list">
+<li>
+<h5>__namedParameters: <a href="../interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-signature-type" data-tsd-kind="Interface">ValidationErrorOrWarningsConfig</a></h5></li></ul></div>
+<h4 class="tsd-returns-title">Returns <span class="tsd-signature-symbol">{ </span>error<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">undefined</span><span class="tsd-signature-symbol">; </span>warnings<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol"> }</span><span class="tsd-signature-symbol"> | </span><span class="tsd-signature-symbol">{ </span>error<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">Error</span><span class="tsd-signature-symbol">; </span>warnings<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol"> }</span></h4><aside class="tsd-sources">
+<ul>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/errors.ts#L15">errors.ts:15</a></li></ul></aside></li></ul></section></div>
+<div class="col-4 col-menu menu-sticky-wrap menu-highlight">
+<div class="tsd-navigation settings">
+<details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Settings</h3></summary>
+<div class="tsd-accordion-details">
+<div class="tsd-filter-visibility">
+<h4 class="uppercase">Member Visibility</h4><form>
+<ul id="tsd-filter-options">
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-protected" name="protected"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Protected</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-inherited" name="inherited" checked/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Inherited</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-external" name="external"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>External</span></label></li></ul></form></div>
+<div class="tsd-theme-toggle">
+<h4 class="uppercase">Theme</h4><select id="theme"><option value="os">OS</option><option value="light">Light</option><option value="dark">Dark</option></select></div></div></details></div>
+<nav class="tsd-navigation primary">
+<details class="tsd-index-accordion" open><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Modules</h3></summary>
+<div class="tsd-accordion-details">
+<ul>
+<li><a href="../modules.html">@jackdbd/content-<wbr/>security-<wbr/>policy</a>
+<ul></ul></li></ul></div></details></nav>
+<nav class="tsd-navigation secondary menu-sticky">
+<ul>
+<li class="tsd-kind-interface"><a href="../interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Validation<wbr/>Error<wbr/>Or<wbr/>Warnings<wbr/>Config</a></li>
+<li class="tsd-kind-variable"><a href="../variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
+<li class="tsd-kind-variable"><a href="../variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
+<li class="tsd-kind-function"><a href="cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
+<li class="tsd-kind-function"><a href="cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
+<li class="tsd-kind-function"><a href="cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li>
+<li class="current tsd-kind-function"><a href="validationErrorOrWarnings.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>validation<wbr/>Error<wbr/>Or<wbr/>Warnings</a></li></ul></nav></div></div>
+<div class="container tsd-generator">
+<p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
+<div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/index.html b/docs/content-security-policy/index.html
index 83a0500a..1f04683e 100644
--- a/docs/content-security-policy/index.html
+++ b/docs/content-security-policy/index.html
@@ -64,11 +64,13 @@ <h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.9389
 <ul>
 <li class="tsd-kind-interface"><a href="interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
 <li class="tsd-kind-interface"><a href="interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-interface"><a href="interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Validation<wbr/>Error<wbr/>Or<wbr/>Warnings<wbr/>Config</a></li>
 <li class="tsd-kind-variable"><a href="variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
 <li class="tsd-kind-variable"><a href="variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
 <li class="tsd-kind-function"><a href="functions/cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
 <li class="tsd-kind-function"><a href="functions/cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
-<li class="tsd-kind-function"><a href="functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<li class="tsd-kind-function"><a href="functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li>
+<li class="tsd-kind-function"><a href="functions/validationErrorOrWarnings.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>validation<wbr/>Error<wbr/>Or<wbr/>Warnings</a></li></ul></nav></div></div>
 <div class="container tsd-generator">
 <p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
 <div class="overlay"></div><script src="assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/interfaces/Config.html b/docs/content-security-policy/interfaces/Config.html
index 51bedd63..4d64a8d9 100644
--- a/docs/content-security-policy/interfaces/Config.html
+++ b/docs/content-security-policy/interfaces/Config.html
@@ -18,7 +18,7 @@ <h4>Hierarchy</h4>
 <ul class="tsd-hierarchy">
 <li><span class="target">Config</span></li></ul></section><aside class="tsd-sources">
 <ul>
-<li>Defined in csp-directives.ts:16</li></ul></aside>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L16">csp-directives.ts:16</a></li></ul></aside>
 <section class="tsd-panel-group tsd-index-group">
 <section class="tsd-panel tsd-index-panel">
 <details class="tsd-index-content tsd-index-accordion" open><summary class="tsd-accordion-summary tsd-index-summary">
@@ -35,12 +35,12 @@ <h2>Properties</h2>
 <h3 class="tsd-anchor-link"><span>directives</span><a href="#directives" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none" id="icon-anchor-a"></path><path d="M10 14a3.5 3.5 0 0 0 5 0l4 -4a3.5 3.5 0 0 0 -5 -5l-.5 .5" id="icon-anchor-b"></path><path d="M14 10a3.5 3.5 0 0 0 -5 0l-4 4a3.5 3.5 0 0 0 5 5l.5 -.5" id="icon-anchor-c"></path></svg></a></h3>
 <div class="tsd-signature">directives<span class="tsd-signature-symbol">:</span> <a href="Directives.html" class="tsd-signature-type" data-tsd-kind="Interface">Directives</a></div><aside class="tsd-sources">
 <ul>
-<li>Defined in csp-directives.ts:17</li></ul></aside></section>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L17">csp-directives.ts:17</a></li></ul></aside></section>
 <section class="tsd-panel tsd-member tsd-kind-property tsd-parent-kind-interface"><a id="patterns" class="tsd-anchor"></a>
 <h3 class="tsd-anchor-link"><span>patterns</span><a href="#patterns" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><use href="#icon-anchor-a"></use><use href="#icon-anchor-b"></use><use href="#icon-anchor-c"></use></svg></a></h3>
 <div class="tsd-signature">patterns<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></div><aside class="tsd-sources">
 <ul>
-<li>Defined in csp-directives.ts:18</li></ul></aside></section></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L18">csp-directives.ts:18</a></li></ul></aside></section></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/interfaces/Directives.html b/docs/content-security-policy/interfaces/Directives.html
index 2a82991e..9203f103 100644
--- a/docs/content-security-policy/interfaces/Directives.html
+++ b/docs/content-security-policy/interfaces/Directives.html
@@ -21,7 +21,7 @@ <h4>Hierarchy</h4>
 <h4 class="tsd-before-signature">Indexable</h4>
 <div class="tsd-signature"><span class="tsd-signature-symbol">[</span>k: <span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">]: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></div></section><aside class="tsd-sources">
 <ul>
-<li>Defined in directives.ts:90</li></ul></aside></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/directives.ts#L90">directives.ts:90</a></li></ul></aside></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
@@ -46,11 +46,13 @@ <h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.9389
 <ul>
 <li class="tsd-kind-interface"><a href="Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
 <li class="current tsd-kind-interface"><a href="Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-interface"><a href="ValidationErrorOrWarningsConfig.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Validation<wbr/>Error<wbr/>Or<wbr/>Warnings<wbr/>Config</a></li>
 <li class="tsd-kind-variable"><a href="../variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
 <li class="tsd-kind-variable"><a href="../variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
 <li class="tsd-kind-function"><a href="../functions/cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
 <li class="tsd-kind-function"><a href="../functions/cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
-<li class="tsd-kind-function"><a href="../functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<li class="tsd-kind-function"><a href="../functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li>
+<li class="tsd-kind-function"><a href="../functions/validationErrorOrWarnings.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>validation<wbr/>Error<wbr/>Or<wbr/>Warnings</a></li></ul></nav></div></div>
 <div class="container tsd-generator">
 <p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
 <div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html b/docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html
new file mode 100644
index 00000000..d75343d8
--- /dev/null
+++ b/docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html
@@ -0,0 +1,72 @@
+<!DOCTYPE html><html class="default" lang="en"><head><meta charSet="utf-8"/><meta http-equiv="x-ua-compatible" content="IE=edge"/><title>ValidationErrorOrWarningsConfig | @jackdbd/content-security-policy</title><meta name="description" content="Documentation for @jackdbd/content-security-policy"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="../assets/style.css"/><link rel="stylesheet" href="../assets/highlight.css"/><script async src="../assets/search.js" id="search-script"></script></head><body><script>document.documentElement.dataset.theme = localStorage.getItem("tsd-theme") || "os"</script><header class="tsd-page-toolbar">
+<div class="tsd-toolbar-contents container">
+<div class="table-cell" id="tsd-search" data-base="..">
+<div class="field"><label for="tsd-search-field" class="tsd-widget search no-caption"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M15.7824 13.833L12.6666 10.7177C12.5259 10.5771 12.3353 10.499 12.1353 10.499H11.6259C12.4884 9.39596 13.001 8.00859 13.001 6.49937C13.001 2.90909 10.0914 0 6.50048 0C2.90959 0 0 2.90909 0 6.49937C0 10.0896 2.90959 12.9987 6.50048 12.9987C8.00996 12.9987 9.39756 12.4863 10.5008 11.6239V12.1332C10.5008 12.3332 10.5789 12.5238 10.7195 12.6644L13.8354 15.7797C14.1292 16.0734 14.6042 16.0734 14.8948 15.7797L15.7793 14.8954C16.0731 14.6017 16.0731 14.1267 15.7824 13.833ZM6.50048 10.499C4.29094 10.499 2.50018 8.71165 2.50018 6.49937C2.50018 4.29021 4.28781 2.49976 6.50048 2.49976C8.71001 2.49976 10.5008 4.28708 10.5008 6.49937C10.5008 8.70852 8.71314 10.499 6.50048 10.499Z" fill="var(--color-text)"></path></svg></label><input type="text" id="tsd-search-field" aria-label="Search"/></div>
+<ul class="results">
+<li class="state loading">Preparing search index...</li>
+<li class="state failure">The search index is not available</li></ul><a href="../index.html" class="title">@jackdbd/content-security-policy</a></div>
+<div class="table-cell" id="tsd-widgets"><a href="#" class="tsd-widget menu no-caption" data-toggle="menu" aria-label="Menu"><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><rect x="1" y="3" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="7" width="14" height="2" fill="var(--color-text)"></rect><rect x="1" y="11" width="14" height="2" fill="var(--color-text)"></rect></svg></a></div></div></header>
+<div class="container container-main">
+<div class="col-8 col-content">
+<div class="tsd-page-title">
+<ul class="tsd-breadcrumb">
+<li><a href="../modules.html">@jackdbd/content-security-policy</a></li>
+<li><a href="ValidationErrorOrWarningsConfig.html">ValidationErrorOrWarningsConfig</a></li></ul>
+<h1>Interface ValidationErrorOrWarningsConfig</h1></div>
+<section class="tsd-panel tsd-hierarchy">
+<h4>Hierarchy</h4>
+<ul class="tsd-hierarchy">
+<li><span class="target">ValidationErrorOrWarningsConfig</span></li></ul></section><aside class="tsd-sources">
+<ul>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/errors.ts#L7">errors.ts:7</a></li></ul></aside>
+<section class="tsd-panel-group tsd-index-group">
+<section class="tsd-panel tsd-index-panel">
+<details class="tsd-index-content tsd-index-accordion" open><summary class="tsd-accordion-summary tsd-index-summary">
+<h5 class="tsd-index-heading uppercase" role="button" aria-expanded="false" tabIndex=0><svg width="16" height="16" viewBox="0 0 16 16" fill="none"><path d="M1.5 5.50969L8 11.6609L14.5 5.50969L12.5466 3.66086L8 7.96494L3.45341 3.66086L1.5 5.50969Z" fill="var(--color-text)"></path></svg> Index</h5></summary>
+<div class="tsd-accordion-details">
+<section class="tsd-index-section">
+<h3 class="tsd-index-heading">Properties</h3>
+<div class="tsd-index-list"><a href="ValidationErrorOrWarningsConfig.html#allowDeprecatedDirectives" class="tsd-index-link tsd-kind-property tsd-parent-kind-interface"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="#FF984D" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="12" id="icon-1024-path"></rect><path d="M9.354 16V7.24H12.174C12.99 7.24 13.638 7.476 14.118 7.948C14.606 8.412 14.85 9.036 14.85 9.82C14.85 10.604 14.606 11.232 14.118 11.704C13.638 12.168 12.99 12.4 12.174 12.4H10.434V16H9.354ZM10.434 11.428H12.174C12.646 11.428 13.022 11.284 13.302 10.996C13.59 10.7 13.734 10.308 13.734 9.82C13.734 9.324 13.59 8.932 13.302 8.644C13.022 8.356 12.646 8.212 12.174 8.212H10.434V11.428Z" fill="var(--color-text)" id="icon-1024-text"></path></svg><span>allow<wbr/>Deprecated<wbr/>Directives</span></a>
+<a href="ValidationErrorOrWarningsConfig.html#error" class="tsd-index-link tsd-kind-property tsd-parent-kind-interface"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-1024-path"></use><use href="#icon-1024-text"></use></svg><span>error</span></a>
+</div></section></div></details></section></section>
+<section class="tsd-panel-group tsd-member-group">
+<h2>Properties</h2>
+<section class="tsd-panel tsd-member tsd-kind-property tsd-parent-kind-interface"><a id="allowDeprecatedDirectives" class="tsd-anchor"></a>
+<h3 class="tsd-anchor-link"><span>allow<wbr/>Deprecated<wbr/>Directives</span><a href="#allowDeprecatedDirectives" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none" id="icon-anchor-a"></path><path d="M10 14a3.5 3.5 0 0 0 5 0l4 -4a3.5 3.5 0 0 0 -5 -5l-.5 .5" id="icon-anchor-b"></path><path d="M14 10a3.5 3.5 0 0 0 -5 0l-4 4a3.5 3.5 0 0 0 5 5l.5 -.5" id="icon-anchor-c"></path></svg></a></h3>
+<div class="tsd-signature">allow<wbr/>Deprecated<wbr/>Directives<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-type">boolean</span></div><aside class="tsd-sources">
+<ul>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/errors.ts#L8">errors.ts:8</a></li></ul></aside></section>
+<section class="tsd-panel tsd-member tsd-kind-property tsd-parent-kind-interface"><a id="error" class="tsd-anchor"></a>
+<h3 class="tsd-anchor-link"><span>error</span><a href="#error" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><use href="#icon-anchor-a"></use><use href="#icon-anchor-b"></use><use href="#icon-anchor-c"></use></svg></a></h3>
+<div class="tsd-signature">error<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-type">any</span></div><aside class="tsd-sources">
+<ul>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/errors.ts#L9">errors.ts:9</a></li></ul></aside></section></section></div>
+<div class="col-4 col-menu menu-sticky-wrap menu-highlight">
+<div class="tsd-navigation settings">
+<details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Settings</h3></summary>
+<div class="tsd-accordion-details">
+<div class="tsd-filter-visibility">
+<h4 class="uppercase">Member Visibility</h4><form>
+<ul id="tsd-filter-options">
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-protected" name="protected"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Protected</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-inherited" name="inherited" checked/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>Inherited</span></label></li>
+<li class="tsd-filter-item"><label class="tsd-filter-input"><input type="checkbox" id="tsd-filter-external" name="external"/><svg width="32" height="32" viewBox="0 0 32 32" aria-hidden="true"><rect class="tsd-checkbox-background" width="30" height="30" x="1" y="1" rx="6" fill="none"></rect><path class="tsd-checkbox-checkmark" d="M8.35422 16.8214L13.2143 21.75L24.6458 10.25" stroke="none" stroke-width="3.5" stroke-linejoin="round" fill="none"></path></svg><span>External</span></label></li></ul></form></div>
+<div class="tsd-theme-toggle">
+<h4 class="uppercase">Theme</h4><select id="theme"><option value="os">OS</option><option value="light">Light</option><option value="dark">Dark</option></select></div></div></details></div>
+<nav class="tsd-navigation primary">
+<details class="tsd-index-accordion" open><summary class="tsd-accordion-summary">
+<h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.93896 8.531L12 15.591L19.061 8.531L16.939 6.409L12 11.349L7.06098 6.409L4.93896 8.531Z" fill="var(--color-text)"></path></svg> Modules</h3></summary>
+<div class="tsd-accordion-details">
+<ul>
+<li><a href="../modules.html">@jackdbd/content-<wbr/>security-<wbr/>policy</a>
+<ul></ul></li></ul></div></details></nav>
+<nav class="tsd-navigation secondary menu-sticky">
+<ul>
+<li class="current tsd-kind-interface"><a href="ValidationErrorOrWarningsConfig.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg><span>Validation<wbr/>Error<wbr/>Or<wbr/>Warnings<wbr/>Config</span></a>
+<ul>
+<li class="tsd-kind-property tsd-parent-kind-interface"><a href="ValidationErrorOrWarningsConfig.html#allowDeprecatedDirectives" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-1024-path"></use><use href="#icon-1024-text"></use></svg>allow<wbr/>Deprecated<wbr/>Directives</a></li>
+<li class="tsd-kind-property tsd-parent-kind-interface"><a href="ValidationErrorOrWarningsConfig.html#error" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-1024-path"></use><use href="#icon-1024-text"></use></svg>error</a></li></ul></li></ul></nav></div></div>
+<div class="container tsd-generator">
+<p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
+<div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/modules.html b/docs/content-security-policy/modules.html
index 99b31900..3a093215 100644
--- a/docs/content-security-policy/modules.html
+++ b/docs/content-security-policy/modules.html
@@ -20,6 +20,7 @@ <h3 class="tsd-index-heading uppercase">Index</h3>
 <h3 class="tsd-index-heading">Interfaces</h3>
 <div class="tsd-index-list"><a href="interfaces/Config.html" class="tsd-index-link tsd-kind-interface"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg><span>Config</span></a>
 <a href="interfaces/Directives.html" class="tsd-index-link tsd-kind-interface"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg><span>Directives</span></a>
+<a href="interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-index-link tsd-kind-interface"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg><span>Validation<wbr/>Error<wbr/>Or<wbr/>Warnings<wbr/>Config</span></a>
 </div></section>
 <section class="tsd-index-section">
 <h3 class="tsd-index-heading">Variables</h3>
@@ -31,6 +32,7 @@ <h3 class="tsd-index-heading">Functions</h3>
 <div class="tsd-index-list"><a href="functions/cspDirectives.html" class="tsd-index-link tsd-kind-function"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg><span>csp<wbr/>Directives</span></a>
 <a href="functions/cspHeader.html" class="tsd-index-link tsd-kind-function"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg><span>csp<wbr/>Header</span></a>
 <a href="functions/cspJSON.html" class="tsd-index-link tsd-kind-function"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg><span>cspJSON</span></a>
+<a href="functions/validationErrorOrWarnings.html" class="tsd-index-link tsd-kind-function"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg><span>validation<wbr/>Error<wbr/>Or<wbr/>Warnings</span></a>
 </div></section></section></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
@@ -56,11 +58,13 @@ <h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.9389
 <ul>
 <li class="tsd-kind-interface"><a href="interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Config</a></li>
 <li class="tsd-kind-interface"><a href="interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-interface"><a href="interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Validation<wbr/>Error<wbr/>Or<wbr/>Warnings<wbr/>Config</a></li>
 <li class="tsd-kind-variable"><a href="variables/recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>recommended_<wbr/>policy</a></li>
 <li class="tsd-kind-variable"><a href="variables/starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
 <li class="tsd-kind-function"><a href="functions/cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Directives</a></li>
 <li class="tsd-kind-function"><a href="functions/cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
-<li class="tsd-kind-function"><a href="functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<li class="tsd-kind-function"><a href="functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li>
+<li class="tsd-kind-function"><a href="functions/validationErrorOrWarnings.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>validation<wbr/>Error<wbr/>Or<wbr/>Warnings</a></li></ul></nav></div></div>
 <div class="container tsd-generator">
 <p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
 <div class="overlay"></div><script src="assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/variables/recommended_policy.html b/docs/content-security-policy/variables/recommended_policy.html
index 68b8a266..94666c09 100644
--- a/docs/content-security-policy/variables/recommended_policy.html
+++ b/docs/content-security-policy/variables/recommended_policy.html
@@ -59,7 +59,7 @@ <h5>style-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-
 <li class="tsd-parameter">
 <h5>upgrade-<wbr/>insecure-<wbr/>requests<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">boolean</span></h5></li></ul></div><aside class="tsd-sources">
 <ul>
-<li>Defined in policies.ts:30</li></ul></aside></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/policies.ts#L30">policies.ts:30</a></li></ul></aside></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
@@ -84,11 +84,13 @@ <h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.9389
 <ul>
 <li class="tsd-kind-interface"><a href="../interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
 <li class="tsd-kind-interface"><a href="../interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Validation<wbr/>Error<wbr/>Or<wbr/>Warnings<wbr/>Config</a></li>
 <li class="current tsd-kind-variable"><a href="recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
 <li class="tsd-kind-variable"><a href="starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
 <li class="tsd-kind-function"><a href="../functions/cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
 <li class="tsd-kind-function"><a href="../functions/cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
-<li class="tsd-kind-function"><a href="../functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<li class="tsd-kind-function"><a href="../functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li>
+<li class="tsd-kind-function"><a href="../functions/validationErrorOrWarnings.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>validation<wbr/>Error<wbr/>Or<wbr/>Warnings</a></li></ul></nav></div></div>
 <div class="container tsd-generator">
 <p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
 <div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/docs/content-security-policy/variables/starter_policy.html b/docs/content-security-policy/variables/starter_policy.html
index 6ff23928..a1ccefda 100644
--- a/docs/content-security-policy/variables/starter_policy.html
+++ b/docs/content-security-policy/variables/starter_policy.html
@@ -35,7 +35,7 @@ <h5>script-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd
 <li class="tsd-parameter">
 <h5>style-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li></ul></div><aside class="tsd-sources">
 <ul>
-<li>Defined in policies.ts:5</li></ul></aside></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/policies.ts#L5">policies.ts:5</a></li></ul></aside></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
@@ -60,11 +60,13 @@ <h3><svg width="20" height="20" viewBox="0 0 24 24" fill="none"><path d="M4.9389
 <ul>
 <li class="tsd-kind-interface"><a href="../interfaces/Config.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-interface)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-256-path"></rect><path d="M9.51 16V15.016H11.298V8.224H9.51V7.24H14.19V8.224H12.402V15.016H14.19V16H9.51Z" fill="var(--color-text)" id="icon-256-text"></path></svg>Config</a></li>
 <li class="tsd-kind-interface"><a href="../interfaces/Directives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Directives</a></li>
+<li class="tsd-kind-interface"><a href="../interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-256-path"></use><use href="#icon-256-text"></use></svg>Validation<wbr/>Error<wbr/>Or<wbr/>Warnings<wbr/>Config</a></li>
 <li class="tsd-kind-variable"><a href="recommended_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-variable)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-32-path"></rect><path d="M11.106 16L8.85 7.24H9.966L11.454 13.192C11.558 13.608 11.646 13.996 11.718 14.356C11.79 14.708 11.842 14.976 11.874 15.16C11.906 14.976 11.954 14.708 12.018 14.356C12.09 13.996 12.178 13.608 12.282 13.192L13.758 7.24H14.85L12.582 16H11.106Z" fill="var(--color-text)" id="icon-32-text"></path></svg>recommended_<wbr/>policy</a></li>
 <li class="current tsd-kind-variable"><a href="starter_policy.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-32-path"></use><use href="#icon-32-text"></use></svg>starter_<wbr/>policy</a></li>
 <li class="tsd-kind-function"><a href="../functions/cspDirectives.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><rect fill="var(--color-icon-background)" stroke="var(--color-ts-function)" stroke-width="1.5" x="1" y="1" width="22" height="22" rx="6" id="icon-64-path"></rect><path d="M9.39 16V7.24H14.55V8.224H10.446V11.128H14.238V12.112H10.47V16H9.39Z" fill="var(--color-text)" id="icon-64-text"></path></svg>csp<wbr/>Directives</a></li>
 <li class="tsd-kind-function"><a href="../functions/cspHeader.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>csp<wbr/>Header</a></li>
-<li class="tsd-kind-function"><a href="../functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li></ul></nav></div></div>
+<li class="tsd-kind-function"><a href="../functions/cspJSON.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>cspJSON</a></li>
+<li class="tsd-kind-function"><a href="../functions/validationErrorOrWarnings.html" class="tsd-index-link"><svg class="tsd-kind-icon" width="24" height="24" viewBox="0 0 24 24"><use href="#icon-64-path"></use><use href="#icon-64-text"></use></svg>validation<wbr/>Error<wbr/>Or<wbr/>Warnings</a></li></ul></nav></div></div>
 <div class="container tsd-generator">
 <p>Generated using <a href="https://typedoc.org/" target="_blank">TypeDoc</a></p></div>
 <div class="overlay"></div><script src="../assets/main.js"></script></body></html>
\ No newline at end of file
diff --git a/packages/content-security-policy/.ae/content-security-policy.api.md b/packages/content-security-policy/.ae/content-security-policy.api.md
index 7f72bb72..fe4064ea 100644
--- a/packages/content-security-policy/.ae/content-security-policy.api.md
+++ b/packages/content-security-policy/.ae/content-security-policy.api.md
@@ -59,4 +59,21 @@ export const starter_policy: {
     'style-src': string[];
 };
 
+// @public (undocumented)
+export const validationErrorOrWarnings: ({ allowDeprecatedDirectives, error }: ValidationErrorOrWarningsConfig) => {
+    warnings: string[];
+    error?: undefined;
+} | {
+    error: Error;
+    warnings: string[];
+};
+
+// @public (undocumented)
+export interface ValidationErrorOrWarningsConfig {
+    // (undocumented)
+    allowDeprecatedDirectives: boolean;
+    // (undocumented)
+    error: any;
+}
+
 ```
diff --git a/packages/content-security-policy/api-docs/content-security-policy.md b/packages/content-security-policy/api-docs/content-security-policy.md
index 0cd6631c..52b3528c 100644
--- a/packages/content-security-policy/api-docs/content-security-policy.md
+++ b/packages/content-security-policy/api-docs/content-security-policy.md
@@ -12,6 +12,7 @@ Entry point for the documentation of content-security-policy.
 |  --- | --- |
 |  [Config](./content-security-policy.config.md) |  |
 |  [Directives](./content-security-policy.directives.md) |  |
+|  [ValidationErrorOrWarningsConfig](./content-security-policy.validationerrororwarningsconfig.md) |  |
 
 ## Variables
 
@@ -22,4 +23,5 @@ Entry point for the documentation of content-security-policy.
 |  [cspJSON](./content-security-policy.cspjson.md) |  |
 |  [recommended\_policy](./content-security-policy.recommended_policy.md) | <p>Recommended policy for most sites.</p><p>Differences with the standard policy are the following ones: - font-src is set to 'self', to allow self-hosted fonts - frame-ancestors is set to 'none' - manifest-src is set to 'self', to allow a self-hosted web application manifest,so the website can be installed as Progressive Web App. Learn more: https://developer.mozilla.org/en-US/docs/Web/Manifest - object-src is set to 'none' as recommended here: https://csp.withgoogle.com/docs/strict-csp.html - prefetch-src is set to 'self, to allow prefetching content hosted on this origin - upgrade-insecure-requests is set to true, even if I am not sure it's really necessary, since it does NOT replace HSTS. Learn more: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests</p> |
 |  [starter\_policy](./content-security-policy.starter_policy.md) | This is the starter policy described here: https://content-security-policy.com/ |
+|  [validationErrorOrWarnings](./content-security-policy.validationerrororwarnings.md) |  |
 
diff --git a/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarnings.md b/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarnings.md
new file mode 100644
index 00000000..3d797a05
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarnings.md
@@ -0,0 +1,18 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [validationErrorOrWarnings](./content-security-policy.validationerrororwarnings.md)
+
+## validationErrorOrWarnings variable
+
+
+<b>Signature:</b>
+
+```typescript
+validationErrorOrWarnings: ({ allowDeprecatedDirectives, error }: Config) => {
+    warnings: string[];
+    error?: undefined;
+} | {
+    error: Error;
+    warnings: string[];
+}
+```
diff --git a/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.allowdeprecateddirectives.md b/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.allowdeprecateddirectives.md
new file mode 100644
index 00000000..71b977ab
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.allowdeprecateddirectives.md
@@ -0,0 +1,11 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [ValidationErrorOrWarningsConfig](./content-security-policy.validationerrororwarningsconfig.md) &gt; [allowDeprecatedDirectives](./content-security-policy.validationerrororwarningsconfig.allowdeprecateddirectives.md)
+
+## ValidationErrorOrWarningsConfig.allowDeprecatedDirectives property
+
+<b>Signature:</b>
+
+```typescript
+allowDeprecatedDirectives: boolean;
+```
diff --git a/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.error.md b/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.error.md
new file mode 100644
index 00000000..14503ece
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.error.md
@@ -0,0 +1,11 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [ValidationErrorOrWarningsConfig](./content-security-policy.validationerrororwarningsconfig.md) &gt; [error](./content-security-policy.validationerrororwarningsconfig.error.md)
+
+## ValidationErrorOrWarningsConfig.error property
+
+<b>Signature:</b>
+
+```typescript
+error: any;
+```
diff --git a/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.md b/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.md
new file mode 100644
index 00000000..8fd707b4
--- /dev/null
+++ b/packages/content-security-policy/api-docs/content-security-policy.validationerrororwarningsconfig.md
@@ -0,0 +1,20 @@
+<!-- Do not edit this file. It is automatically generated by API Documenter. -->
+
+[Home](./index.md) &gt; [@jackdbd/content-security-policy](./content-security-policy.md) &gt; [ValidationErrorOrWarningsConfig](./content-security-policy.validationerrororwarningsconfig.md)
+
+## ValidationErrorOrWarningsConfig interface
+
+
+<b>Signature:</b>
+
+```typescript
+export interface Config 
+```
+
+## Properties
+
+|  Property | Modifiers | Type | Description |
+|  --- | --- | --- | --- |
+|  [allowDeprecatedDirectives](./content-security-policy.validationerrororwarningsconfig.allowdeprecateddirectives.md) |  | boolean |  |
+|  [error](./content-security-policy.validationerrororwarningsconfig.error.md) |  | any |  |
+
diff --git a/packages/content-security-policy/package.json b/packages/content-security-policy/package.json
index 36fcff9a..9709b790 100644
--- a/packages/content-security-policy/package.json
+++ b/packages/content-security-policy/package.json
@@ -29,10 +29,17 @@
   "typings": "lib/index.d.ts",
   "exports": {
     ".": "./lib/index.js",
+    "./errors": "./lib/errors.js",
+    "./policies": "./lib/policies.js",
+    "./schemas": "./lib/schemas.js",
     "./package.json": "./package.json"
   },
   "typesVersions": {
-    "*": {}
+    "*": {
+      "*": [
+        "./lib/*.d.ts"
+      ]
+    }
   },
   "files": [
     "CHANGELOG.md",
diff --git a/packages/content-security-policy/src/errors.ts b/packages/content-security-policy/src/errors.ts
index 48b24a6d..e5bbc2ce 100644
--- a/packages/content-security-policy/src/errors.ts
+++ b/packages/content-security-policy/src/errors.ts
@@ -2,15 +2,15 @@ import { deprecatedDirectives } from './directives.js'
 import type { DeprecatedDirectiveKey } from './directives.js'
 
 /**
- * @internal
+ * @public
  */
-interface Config {
+export interface Config {
   allowDeprecatedDirectives: boolean
   error: any
 }
 
 /**
- * @internal
+ * @public
  */
 export const validationErrorOrWarnings = ({
   allowDeprecatedDirectives,
diff --git a/packages/content-security-policy/src/index.ts b/packages/content-security-policy/src/index.ts
index 6d8c28fd..431949ee 100644
--- a/packages/content-security-policy/src/index.ts
+++ b/packages/content-security-policy/src/index.ts
@@ -7,3 +7,5 @@ export { starter_policy, recommended_policy } from './policies.js'
 export { cspDirectives, cspHeader, cspJSON } from './csp-directives.js'
 export type { Config } from './csp-directives.js'
 export type { Directives } from './directives.js'
+export { validationErrorOrWarnings } from './errors.js'
+export type { Config as ValidationErrorOrWarningsConfig } from './errors.js'
diff --git a/packages/content-security-policy/src/utils.ts b/packages/content-security-policy/src/utils.ts
index b5ab0bfb..2a8160da 100644
--- a/packages/content-security-policy/src/utils.ts
+++ b/packages/content-security-policy/src/utils.ts
@@ -13,37 +13,17 @@ export const isString = (item: any) => {
   return item && (typeof item === 'string' || item instanceof String)
 }
 
-export const mergeDeep = (target: any, ...sources: any[]): any => {
-  if (!sources.length) {
-    return target
-  }
-  const source = sources.shift()
-  // debug(`merge SOURCE %O into TARGET %O`, source, target)
-
-  if (isObject(target) && isObject(source)) {
-    for (const key in source) {
-      if (isObject(source[key])) {
-        if (!target[key])
-          Object.assign(target, {
-            [key]: {}
-          })
-        mergeDeep(target[key], source[key])
-      } else {
-        Object.assign(target, {
-          [key]: source[key]
-        })
-      }
-    }
-  }
-
-  return mergeDeep(target, ...sources)
-}
-
-// https://bobbyhadz.com/blog/javascript-get-difference-between-two-sets
+/**
+ * https://bobbyhadz.com/blog/javascript-get-difference-between-two-sets
+ * @internal
+ */
 export function diffBetweenSets(setA: Set<any>, setB: Set<any>) {
   return new Set([...setA].filter((elem) => !setB.has(elem)))
 }
 
+/**
+ * @internal
+ */
 export const stringReplacer = (s: string) => {
   if (
     s === 'none' ||
@@ -62,6 +42,9 @@ export const stringReplacer = (s: string) => {
   }
 }
 
+/**
+ * @internal
+ */
 export const hashAlgorithmFromCspSourceValues = (arr: string[]) => {
   const algorithms = arr.filter(
     (s) => s === 'sha256' || s === 'sha384' || s === 'sha512'
@@ -83,11 +66,17 @@ export const hashAlgorithmFromCspSourceValues = (arr: string[]) => {
   }
 }
 
+/**
+ * @internal
+ */
 interface ContentHashConfig {
   algorithm: string
   content: string
 }
 
+/**
+ * @internal
+ */
 export const contentHash = ({ algorithm, content }: ContentHashConfig) => {
   debug(`Compute ${algorithm}-hash from a string of length ${content.length}`)
   const hasher = crypto.createHash(algorithm)

From 9d9b9ab40803196135eb3c91540fdfb9517ec0c8 Mon Sep 17 00:00:00 2001
From: semantic-release-bot <semantic-release-bot@martynus.net>
Date: Wed, 28 Sep 2022 16:31:03 +0000
Subject: [PATCH 04/15] chore(content-security-policy): release
 v.1.0.0-canary.2 [skip ci]

## @jackdbd/content-security-policy [1.0.0-canary.2](https://github.com/jackdbd/calderone/compare/@jackdbd/content-security-policy@1.0.0-canary.1...@jackdbd/content-security-policy@1.0.0-canary.2) (2022-09-28)

### Bug Fixes

* **content-security-policy:** add some exports that were missing ([2131f7a](https://github.com/jackdbd/calderone/commit/2131f7a21540b1b9c2ac319b1d0a5dac3c297982))
---
 packages/content-security-policy/CHANGELOG.md | 7 +++++++
 packages/content-security-policy/package.json | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/packages/content-security-policy/CHANGELOG.md b/packages/content-security-policy/CHANGELOG.md
index 73c4f4f5..ac7685d5 100644
--- a/packages/content-security-policy/CHANGELOG.md
+++ b/packages/content-security-policy/CHANGELOG.md
@@ -1,5 +1,12 @@
 # CHANGELOG
 
+## @jackdbd/content-security-policy [1.0.0-canary.2](https://github.com/jackdbd/calderone/compare/@jackdbd/content-security-policy@1.0.0-canary.1...@jackdbd/content-security-policy@1.0.0-canary.2) (2022-09-28)
+
+
+### Bug Fixes
+
+* **content-security-policy:** add some exports that were missing ([2131f7a](https://github.com/jackdbd/calderone/commit/2131f7a21540b1b9c2ac319b1d0a5dac3c297982))
+
 ## @jackdbd/content-security-policy 1.0.0-canary.1 (2022-09-28)
 
 
diff --git a/packages/content-security-policy/package.json b/packages/content-security-policy/package.json
index 9709b790..b52f11d2 100644
--- a/packages/content-security-policy/package.json
+++ b/packages/content-security-policy/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@jackdbd/content-security-policy",
-  "version": "1.0.0-canary.1",
+  "version": "1.0.0-canary.2",
   "description": "",
   "author": {
     "name": "Giacomo Debidda",

From ca167677885855f0612175efcf2ee6edf7372d1e Mon Sep 17 00:00:00 2001
From: Giacomo Debidda <giacomo@giacomodebidda.com>
Date: Wed, 28 Sep 2022 18:35:47 +0200
Subject: [PATCH 05/15] fix(content-security-policy): cleanup

---
 .../content-security-policy/src/schemas.ts    | 33 -------------------
 1 file changed, 33 deletions(-)

diff --git a/packages/content-security-policy/src/schemas.ts b/packages/content-security-policy/src/schemas.ts
index 5daee95f..647a599f 100644
--- a/packages/content-security-policy/src/schemas.ts
+++ b/packages/content-security-policy/src/schemas.ts
@@ -72,10 +72,6 @@ export const csp_source_values = Joi.array()
   .unique()
   .unique(hashAlgorithmComparator)
 
-const glob_pattern = Joi.string().min(1)
-
-const glob_patterns = Joi.array().items(glob_pattern).min(1)
-
 // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-to
 const groupname = Joi.string().min(1)
 
@@ -106,16 +102,6 @@ const sandbox_value = Joi.string().valid(
 // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/trusted-types
 const trusted_types_value = Joi.string().min(1)
 
-export const defaultOptions = {
-  allowDeprecatedDirectives: false,
-  directives: {},
-  globPatterns: ['/', '/*/'],
-  globPatternsDetach: [],
-  excludePatterns: [],
-  includePatterns: ['/**/**.html'],
-  reportOnly: false
-}
-
 export const directives = Joi.object({
   'base-uri': csp_source_values,
   'child-src': csp_source_values,
@@ -148,22 +134,3 @@ export const directives = Joi.object({
   'upgrade-insecure-requests': Joi.boolean(),
   'worker-src': csp_source_values
 })
-
-export const pluginOptions = Joi.object().keys({
-  allowDeprecatedDirectives: Joi.boolean().default(
-    defaultOptions.allowDeprecatedDirectives
-  ),
-
-  directives: directives.default(defaultOptions.directives),
-
-  excludePatterns: glob_patterns.default(defaultOptions.excludePatterns),
-
-  globPatterns: glob_patterns.default(defaultOptions.globPatterns),
-
-  // https://developers.cloudflare.com/pages/platform/headers/#detach-a-header
-  globPatternsDetach: glob_patterns.default(defaultOptions.globPatternsDetach),
-
-  includePatterns: glob_patterns.default(defaultOptions.includePatterns),
-
-  reportOnly: Joi.boolean().default(defaultOptions.reportOnly)
-})

From 8dc7aecb5ae7448539eed0a76c2a7725617f3748 Mon Sep 17 00:00:00 2001
From: semantic-release-bot <semantic-release-bot@martynus.net>
Date: Wed, 28 Sep 2022 16:37:10 +0000
Subject: [PATCH 06/15] chore(content-security-policy): release
 v.1.0.0-canary.3 [skip ci]

## @jackdbd/content-security-policy [1.0.0-canary.3](https://github.com/jackdbd/calderone/compare/@jackdbd/content-security-policy@1.0.0-canary.2...@jackdbd/content-security-policy@1.0.0-canary.3) (2022-09-28)

### Bug Fixes

* **content-security-policy:** cleanup ([ca16767](https://github.com/jackdbd/calderone/commit/ca167677885855f0612175efcf2ee6edf7372d1e))
---
 packages/content-security-policy/CHANGELOG.md | 7 +++++++
 packages/content-security-policy/package.json | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/packages/content-security-policy/CHANGELOG.md b/packages/content-security-policy/CHANGELOG.md
index ac7685d5..977c7950 100644
--- a/packages/content-security-policy/CHANGELOG.md
+++ b/packages/content-security-policy/CHANGELOG.md
@@ -1,5 +1,12 @@
 # CHANGELOG
 
+## @jackdbd/content-security-policy [1.0.0-canary.3](https://github.com/jackdbd/calderone/compare/@jackdbd/content-security-policy@1.0.0-canary.2...@jackdbd/content-security-policy@1.0.0-canary.3) (2022-09-28)
+
+
+### Bug Fixes
+
+* **content-security-policy:** cleanup ([ca16767](https://github.com/jackdbd/calderone/commit/ca167677885855f0612175efcf2ee6edf7372d1e))
+
 ## @jackdbd/content-security-policy [1.0.0-canary.2](https://github.com/jackdbd/calderone/compare/@jackdbd/content-security-policy@1.0.0-canary.1...@jackdbd/content-security-policy@1.0.0-canary.2) (2022-09-28)
 
 
diff --git a/packages/content-security-policy/package.json b/packages/content-security-policy/package.json
index b52f11d2..b41d59a6 100644
--- a/packages/content-security-policy/package.json
+++ b/packages/content-security-policy/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@jackdbd/content-security-policy",
-  "version": "1.0.0-canary.2",
+  "version": "1.0.0-canary.3",
   "description": "",
   "author": {
     "name": "Giacomo Debidda",

From b1a40f630250d5d3d18bc2171d0875c357fe33e2 Mon Sep 17 00:00:00 2001
From: Giacomo Debidda <giacomo@giacomodebidda.com>
Date: Thu, 29 Sep 2022 00:02:02 +0200
Subject: [PATCH 07/15] feat(content-security-policy): autogenerate hashes for
 inline script/style

---
 assets/html-pages/index.html                  |  16 +-
 .../functions/cspDirectives.html              |   2 +-
 .../functions/cspHeader.html                  |   2 +-
 .../functions/cspJSON.html                    |   2 +-
 .../functions/validationErrorOrWarnings.html  |   2 +-
 .../interfaces/Config.html                    |   6 +-
 .../interfaces/Directives.html                |   2 +-
 .../ValidationErrorOrWarningsConfig.html      |   6 +-
 .../variables/recommended_policy.html         |   2 +-
 .../variables/starter_policy.html             |   2 +-
 package-lock.json                             |   5 +-
 .../__tests__/constants.mjs                   |   6 +
 ...-parser.test.mjs => html-parsers.test.mjs} |   2 +-
 .../__tests__/source-values.test.mjs          |  54 ++++-
 packages/content-security-policy/src/hash.ts  |  37 ++-
 .../src/html-parser.ts                        | 103 --------
 .../src/html-parsers.ts                       | 222 ++++++++++++++++++
 .../src/source-values.ts                      |  44 +++-
 scripts/test.mjs                              |   1 -
 19 files changed, 375 insertions(+), 141 deletions(-)
 rename packages/content-security-policy/__tests__/{html-parser.test.mjs => html-parsers.test.mjs} (98%)
 delete mode 100644 packages/content-security-policy/src/html-parser.ts
 create mode 100644 packages/content-security-policy/src/html-parsers.ts

diff --git a/assets/html-pages/index.html b/assets/html-pages/index.html
index 8b92ea80..6f73d987 100644
--- a/assets/html-pages/index.html
+++ b/assets/html-pages/index.html
@@ -64,6 +64,20 @@
   <script>alert("script number 1")</script>
   </head>
   <body>
-    <div id="wrapper-for-sticky-footer"><header><ul class="cluster wrapper region justify-content:space-between"><li><a href="/">Giacomo Debidda</a></li><li><ul class="cluster" data-align="start"><li><a href="/blog/">Blog</a></li><li><a href="/projects/">Projects</a></li><li><a href="/about/">About</a></li><li><a href="/contact/">Contact</a></li></ul></li></ul></header><main class="wrapper"><div class="flow region"><h1>Hi there!</h1><p>I'm Giacomo Debidda, also known as <a href="https://twitter.com/jackdbd" rel="noopener noreferrer" target="_blank">@jackdbd</a> on the Internet.</p><h2>Recent articles</h2><ul class="flow post-list"><li class="flow"><h2><a href="/posts/inspect-container-images-with-dive/">Inspect container images with dive</a></h2><p><time datetime="2022-02-04"><strong>04 Feb 2022</strong> </time><span>|</span> <span>4 min read</span></p></li><li class="flow"><h2><a href="/posts/test-your-javascript-on-multiple-engines-with-eshost-cli-and-jsvu/">Test your JavaScript on multiple engines with eshost-cli and jsvu</a></h2><p><time datetime="2021-05-07"><strong>07 May 2021</strong> </time><span>|</span> <span>3 min read</span></p></li><li class="flow"><h2><a href="/posts/generate-and-view-har-files/">Generate and view HAR files</a></h2><p><time datetime="2021-05-06"><strong>06 May 2021</strong> </time><span>|</span> <span>4 min read</span></p></li></ul></div></main><footer><div class="flow wrapper region"><ul class="cluster" data-align="end"><li><a href="/feeds/posts.xml">RSS</a></li><li><a href="https://github.com/jackdbd" rel="noopener noreferrer" target="_blank">GitHub</a></li><li><a href="https://twitter.com/jackdbd" rel="noopener noreferrer" target="_blank">Twitter</a></li><li><a href="https://www.linkedin.com/in/giacomodebidda/" rel="noopener noreferrer" target="_blank">Linkedin</a></li><li><a href="https://stackoverflow.com/users/3036129/jackdbd" rel="noopener noreferrer" target="_blank">Stack Overflow</a></li></ul><div class="flex-end"><small>Copyright © 2020 – 2022 Giacomo Debidda – All rights reserved</small></div></div></footer></div>
+    <div id="wrapper-for-sticky-footer">
+      <header>
+        <ul class="cluster wrapper region justify-content:space-between"><li><a href="/">Giacomo Debidda</a></li><li><ul class="cluster" data-align="start"><li><a href="/blog/">Blog</a></li><li><a href="/projects/">Projects</a></li><li><a href="/about/">About</a></li><li><a href="/contact/">Contact</a></li></ul></li></ul>
+      </header>
+      <main class="wrapper">
+        <div class="flow region">
+          <h1 style="color:rebeccapurple;font-size:6rem;">Hi there!</h1>
+          <a id="anchor-with-inline-event-handler" href="#" onclick="alert('hello')">click me</a>
+          <p>I'm Giacomo Debidda, also known as <a href="https://twitter.com/jackdbd" rel="noopener noreferrer" target="_blank">@jackdbd</a> on the Internet.</p><h2>Recent articles</h2><ul class="flow post-list"><li class="flow"><h2><a href="/posts/inspect-container-images-with-dive/">Inspect container images with dive</a></h2><p><time datetime="2022-02-04"><strong>04 Feb 2022</strong> </time><span>|</span> <span>4 min read</span></p></li><li class="flow"><h2><a href="/posts/test-your-javascript-on-multiple-engines-with-eshost-cli-and-jsvu/">Test your JavaScript on multiple engines with eshost-cli and jsvu</a></h2><p><time datetime="2021-05-07"><strong>07 May 2021</strong> </time><span>|</span> <span>3 min read</span></p></li><li class="flow"><h2><a href="/posts/generate-and-view-har-files/">Generate and view HAR files</a></h2><p><time datetime="2021-05-06"><strong>06 May 2021</strong> </time><span>|</span> <span>4 min read</span></p></li></ul>
+        </div>
+      </main>
+      <footer>
+        <div class="flow wrapper region"><ul class="cluster" data-align="end"><li><a href="/feeds/posts.xml">RSS</a></li><li><a href="https://github.com/jackdbd" rel="noopener noreferrer" target="_blank">GitHub</a></li><li><a href="https://twitter.com/jackdbd" rel="noopener noreferrer" target="_blank">Twitter</a></li><li><a href="https://www.linkedin.com/in/giacomodebidda/" rel="noopener noreferrer" target="_blank">Linkedin</a></li><li><a href="https://stackoverflow.com/users/3036129/jackdbd" rel="noopener noreferrer" target="_blank">Stack Overflow</a></li></ul><div class="flex-end"><small>Copyright © 2020 – 2022 Giacomo Debidda – All rights reserved</small></div></div>
+      </footer>
+    </div>
   </body>
 </html>
\ No newline at end of file
diff --git a/docs/content-security-policy/functions/cspDirectives.html b/docs/content-security-policy/functions/cspDirectives.html
index 24f0a6a9..a653ccdf 100644
--- a/docs/content-security-policy/functions/cspDirectives.html
+++ b/docs/content-security-policy/functions/cspDirectives.html
@@ -24,7 +24,7 @@ <h4 class="tsd-parameters-title">Parameters</h4>
 <h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
 <h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L24">csp-directives.ts:24</a></li></ul></aside></li></ul></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L24">csp-directives.ts:24</a></li></ul></aside></li></ul></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/functions/cspHeader.html b/docs/content-security-policy/functions/cspHeader.html
index e1144fa6..06514089 100644
--- a/docs/content-security-policy/functions/cspHeader.html
+++ b/docs/content-security-policy/functions/cspHeader.html
@@ -24,7 +24,7 @@ <h4 class="tsd-parameters-title">Parameters</h4>
 <h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
 <h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L107">csp-directives.ts:107</a></li></ul></aside></li></ul></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L107">csp-directives.ts:107</a></li></ul></aside></li></ul></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/functions/cspJSON.html b/docs/content-security-policy/functions/cspJSON.html
index db90c4aa..f76757e0 100644
--- a/docs/content-security-policy/functions/cspJSON.html
+++ b/docs/content-security-policy/functions/cspJSON.html
@@ -24,7 +24,7 @@ <h4 class="tsd-parameters-title">Parameters</h4>
 <h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
 <h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-symbol">{}</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L119">csp-directives.ts:119</a></li></ul></aside></li></ul></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L119">csp-directives.ts:119</a></li></ul></aside></li></ul></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/functions/validationErrorOrWarnings.html b/docs/content-security-policy/functions/validationErrorOrWarnings.html
index 66598671..f3fe45f3 100644
--- a/docs/content-security-policy/functions/validationErrorOrWarnings.html
+++ b/docs/content-security-policy/functions/validationErrorOrWarnings.html
@@ -24,7 +24,7 @@ <h4 class="tsd-parameters-title">Parameters</h4>
 <h5>__namedParameters: <a href="../interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-signature-type" data-tsd-kind="Interface">ValidationErrorOrWarningsConfig</a></h5></li></ul></div>
 <h4 class="tsd-returns-title">Returns <span class="tsd-signature-symbol">{ </span>error<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">undefined</span><span class="tsd-signature-symbol">; </span>warnings<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol"> }</span><span class="tsd-signature-symbol"> | </span><span class="tsd-signature-symbol">{ </span>error<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">Error</span><span class="tsd-signature-symbol">; </span>warnings<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol"> }</span></h4><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/errors.ts#L15">errors.ts:15</a></li></ul></aside></li></ul></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/errors.ts#L15">errors.ts:15</a></li></ul></aside></li></ul></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/interfaces/Config.html b/docs/content-security-policy/interfaces/Config.html
index 4d64a8d9..ba841b27 100644
--- a/docs/content-security-policy/interfaces/Config.html
+++ b/docs/content-security-policy/interfaces/Config.html
@@ -18,7 +18,7 @@ <h4>Hierarchy</h4>
 <ul class="tsd-hierarchy">
 <li><span class="target">Config</span></li></ul></section><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L16">csp-directives.ts:16</a></li></ul></aside>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L16">csp-directives.ts:16</a></li></ul></aside>
 <section class="tsd-panel-group tsd-index-group">
 <section class="tsd-panel tsd-index-panel">
 <details class="tsd-index-content tsd-index-accordion" open><summary class="tsd-accordion-summary tsd-index-summary">
@@ -35,12 +35,12 @@ <h2>Properties</h2>
 <h3 class="tsd-anchor-link"><span>directives</span><a href="#directives" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none" id="icon-anchor-a"></path><path d="M10 14a3.5 3.5 0 0 0 5 0l4 -4a3.5 3.5 0 0 0 -5 -5l-.5 .5" id="icon-anchor-b"></path><path d="M14 10a3.5 3.5 0 0 0 -5 0l-4 4a3.5 3.5 0 0 0 5 5l.5 -.5" id="icon-anchor-c"></path></svg></a></h3>
 <div class="tsd-signature">directives<span class="tsd-signature-symbol">:</span> <a href="Directives.html" class="tsd-signature-type" data-tsd-kind="Interface">Directives</a></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L17">csp-directives.ts:17</a></li></ul></aside></section>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L17">csp-directives.ts:17</a></li></ul></aside></section>
 <section class="tsd-panel tsd-member tsd-kind-property tsd-parent-kind-interface"><a id="patterns" class="tsd-anchor"></a>
 <h3 class="tsd-anchor-link"><span>patterns</span><a href="#patterns" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><use href="#icon-anchor-a"></use><use href="#icon-anchor-b"></use><use href="#icon-anchor-c"></use></svg></a></h3>
 <div class="tsd-signature">patterns<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/csp-directives.ts#L18">csp-directives.ts:18</a></li></ul></aside></section></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L18">csp-directives.ts:18</a></li></ul></aside></section></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/interfaces/Directives.html b/docs/content-security-policy/interfaces/Directives.html
index 9203f103..396ee8aa 100644
--- a/docs/content-security-policy/interfaces/Directives.html
+++ b/docs/content-security-policy/interfaces/Directives.html
@@ -21,7 +21,7 @@ <h4>Hierarchy</h4>
 <h4 class="tsd-before-signature">Indexable</h4>
 <div class="tsd-signature"><span class="tsd-signature-symbol">[</span>k: <span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">]: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></div></section><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/directives.ts#L90">directives.ts:90</a></li></ul></aside></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/directives.ts#L90">directives.ts:90</a></li></ul></aside></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html b/docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html
index d75343d8..89468e07 100644
--- a/docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html
+++ b/docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html
@@ -18,7 +18,7 @@ <h4>Hierarchy</h4>
 <ul class="tsd-hierarchy">
 <li><span class="target">ValidationErrorOrWarningsConfig</span></li></ul></section><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/errors.ts#L7">errors.ts:7</a></li></ul></aside>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/errors.ts#L7">errors.ts:7</a></li></ul></aside>
 <section class="tsd-panel-group tsd-index-group">
 <section class="tsd-panel tsd-index-panel">
 <details class="tsd-index-content tsd-index-accordion" open><summary class="tsd-accordion-summary tsd-index-summary">
@@ -35,12 +35,12 @@ <h2>Properties</h2>
 <h3 class="tsd-anchor-link"><span>allow<wbr/>Deprecated<wbr/>Directives</span><a href="#allowDeprecatedDirectives" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none" id="icon-anchor-a"></path><path d="M10 14a3.5 3.5 0 0 0 5 0l4 -4a3.5 3.5 0 0 0 -5 -5l-.5 .5" id="icon-anchor-b"></path><path d="M14 10a3.5 3.5 0 0 0 -5 0l-4 4a3.5 3.5 0 0 0 5 5l.5 -.5" id="icon-anchor-c"></path></svg></a></h3>
 <div class="tsd-signature">allow<wbr/>Deprecated<wbr/>Directives<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-type">boolean</span></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/errors.ts#L8">errors.ts:8</a></li></ul></aside></section>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/errors.ts#L8">errors.ts:8</a></li></ul></aside></section>
 <section class="tsd-panel tsd-member tsd-kind-property tsd-parent-kind-interface"><a id="error" class="tsd-anchor"></a>
 <h3 class="tsd-anchor-link"><span>error</span><a href="#error" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><use href="#icon-anchor-a"></use><use href="#icon-anchor-b"></use><use href="#icon-anchor-c"></use></svg></a></h3>
 <div class="tsd-signature">error<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-type">any</span></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/errors.ts#L9">errors.ts:9</a></li></ul></aside></section></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/errors.ts#L9">errors.ts:9</a></li></ul></aside></section></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/variables/recommended_policy.html b/docs/content-security-policy/variables/recommended_policy.html
index 94666c09..7ccf429e 100644
--- a/docs/content-security-policy/variables/recommended_policy.html
+++ b/docs/content-security-policy/variables/recommended_policy.html
@@ -59,7 +59,7 @@ <h5>style-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-
 <li class="tsd-parameter">
 <h5>upgrade-<wbr/>insecure-<wbr/>requests<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">boolean</span></h5></li></ul></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/policies.ts#L30">policies.ts:30</a></li></ul></aside></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/policies.ts#L30">policies.ts:30</a></li></ul></aside></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/variables/starter_policy.html b/docs/content-security-policy/variables/starter_policy.html
index a1ccefda..4d3d5033 100644
--- a/docs/content-security-policy/variables/starter_policy.html
+++ b/docs/content-security-policy/variables/starter_policy.html
@@ -35,7 +35,7 @@ <h5>script-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd
 <li class="tsd-parameter">
 <h5>style-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li></ul></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/69b4eea/packages/content-security-policy/src/policies.ts#L5">policies.ts:5</a></li></ul></aside></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/policies.ts#L5">policies.ts:5</a></li></ul></aside></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/package-lock.json b/package-lock.json
index 801cb468..265836e8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -23001,7 +23001,8 @@
       }
     },
     "packages/content-security-policy": {
-      "version": "0.0.0",
+      "name": "@jackdbd/content-security-policy",
+      "version": "1.0.0-canary.3",
       "license": "MIT",
       "dependencies": {
         "debug": "^4.3.4",
@@ -23136,6 +23137,7 @@
         "@google-cloud/monitoring": "^3.0.1",
         "@google-cloud/pubsub": "^3.1.1",
         "@google-cloud/tasks": "^3.0.2",
+        "@jackdbd/content-security-policy": "*",
         "@jackdbd/tags-logger": "^1.1.0",
         "debug": "4.3.4",
         "esbuild": "0.15.7",
@@ -26504,6 +26506,7 @@
         "@google-cloud/monitoring": "^3.0.1",
         "@google-cloud/pubsub": "^3.1.1",
         "@google-cloud/tasks": "^3.0.2",
+        "@jackdbd/content-security-policy": "*",
         "@jackdbd/tags-logger": "^1.1.0",
         "debug": "4.3.4",
         "esbuild": "0.15.7",
diff --git a/packages/content-security-policy/__tests__/constants.mjs b/packages/content-security-policy/__tests__/constants.mjs
index 82e9d796..1d11c7f6 100644
--- a/packages/content-security-policy/__tests__/constants.mjs
+++ b/packages/content-security-policy/__tests__/constants.mjs
@@ -27,6 +27,9 @@ export const DIRECTIVES = {
     'res.cloudinary.com'
   ],
 
+  // https://makandracards.com/makandra/503862-using-inline-event-handlers-with-a-strict-content-security-policy-csp
+  'script-src-attr': ['self', 'unsafe-hashes', 'sha256'],
+
   'script-src-elem': [
     'self',
     'https://plausible.io/js/plausible.js',
@@ -34,6 +37,9 @@ export const DIRECTIVES = {
     'https://unpkg.com/htm/preact/standalone.module.js'
   ],
 
+  // https://content-security-policy.com/examples/allow-inline-style/
+  'style-src-attr': ['self', 'unsafe-hashes', 'sha256'],
+
   'style-src-elem': ['self', 'sha256'],
 
   'worker-src': ['self']
diff --git a/packages/content-security-policy/__tests__/html-parser.test.mjs b/packages/content-security-policy/__tests__/html-parsers.test.mjs
similarity index 98%
rename from packages/content-security-policy/__tests__/html-parser.test.mjs
rename to packages/content-security-policy/__tests__/html-parsers.test.mjs
index ad0ee026..d10d530a 100644
--- a/packages/content-security-policy/__tests__/html-parser.test.mjs
+++ b/packages/content-security-policy/__tests__/html-parsers.test.mjs
@@ -1,6 +1,6 @@
 import fs from 'node:fs'
 import path from 'node:path'
-import { scriptTagsContents, styleTagsContents } from '../lib/html-parser.js'
+import { scriptTagsContents, styleTagsContents } from '../lib/html-parsers.js'
 
 const HTML_DIR = path.resolve('..', '..', 'assets', 'html-pages')
 //   const HTML_DIR = path.join('assets', 'html-pages')
diff --git a/packages/content-security-policy/__tests__/source-values.test.mjs b/packages/content-security-policy/__tests__/source-values.test.mjs
index 31f3de2b..5e42b95b 100644
--- a/packages/content-security-policy/__tests__/source-values.test.mjs
+++ b/packages/content-security-policy/__tests__/source-values.test.mjs
@@ -4,11 +4,15 @@ import {
   cspSourceValuesStyleAttr,
   cspSourceValuesStyleElem
 } from '../lib/source-values.js'
-import { hashesStyleSrcElem } from '../lib/hash.js'
+import {
+  hashesScriptSrcAttr,
+  hashesStyleSrcAttr,
+  hashesStyleSrcElem
+} from '../lib/hash.js'
 import { DIRECTIVES, PATTERNS } from './constants.mjs'
 
 describe('cspSourceValuesScriptAttr', () => {
-  it("returns undefined when there isn't a `script-src-attr` CSP directive among the specified directives", async () => {
+  it('returns an array of N elements, where N is the length of the values allowed for the specified CSP directive', async () => {
     const directive = 'script-src-attr'
 
     const arr = await cspSourceValuesScriptAttr({
@@ -17,7 +21,27 @@ describe('cspSourceValuesScriptAttr', () => {
       patterns: PATTERNS
     })
 
-    expect(arr).not.toBeDefined()
+    expect(arr.length).toBe(DIRECTIVES[directive].length)
+  })
+
+  it('computes the hash using the specified algorithm', async () => {
+    const directive = 'script-src-attr'
+
+    const arr = await cspSourceValuesScriptAttr({
+      directive,
+      directives: DIRECTIVES,
+      patterns: PATTERNS
+    })
+
+    const hash_algorithm = DIRECTIVES[directive][2]
+    expect(arr[2]).toContain(hash_algorithm)
+
+    const hashes_256 = await hashesScriptSrcAttr({
+      algorithm: hash_algorithm,
+      patterns: PATTERNS
+    })
+
+    expect(arr[2]).toBe(hashes_256[0])
   })
 })
 
@@ -36,7 +60,19 @@ describe('cspSourceValuesScriptElem', () => {
 })
 
 describe('cspSourceValuesStyleAttr', () => {
-  it("returns undefined when there isn't a `style-src-attr` CSP directive among the specified directives", async () => {
+  it('returns an array of N elements, where N is the length of the values allowed for the specified CSP directive', async () => {
+    const directive = 'style-src-attr'
+
+    const arr = await cspSourceValuesStyleAttr({
+      directive,
+      directives: DIRECTIVES,
+      patterns: PATTERNS
+    })
+
+    expect(arr.length).toBe(DIRECTIVES[directive].length)
+  })
+
+  it('computes the hash using the specified algorithm', async () => {
     const directive = 'style-src-attr'
 
     const arr = await cspSourceValuesStyleAttr({
@@ -45,7 +81,15 @@ describe('cspSourceValuesStyleAttr', () => {
       patterns: PATTERNS
     })
 
-    expect(arr).not.toBeDefined()
+    const hash_algorithm = DIRECTIVES[directive][2]
+    expect(arr[2]).toContain(hash_algorithm)
+
+    const hashes_256 = await hashesStyleSrcAttr({
+      algorithm: hash_algorithm,
+      patterns: PATTERNS
+    })
+
+    expect(arr[2]).toBe(hashes_256[0])
   })
 })
 
diff --git a/packages/content-security-policy/src/hash.ts b/packages/content-security-policy/src/hash.ts
index c8a89f73..a5d09339 100644
--- a/packages/content-security-policy/src/hash.ts
+++ b/packages/content-security-policy/src/hash.ts
@@ -1,6 +1,11 @@
 import { globby } from 'globby'
 import makeDebug from 'debug'
-import { scriptTagsContents, styleTagsContents } from './html-parser.js'
+import {
+  scriptTagsContents,
+  styleTagsContents,
+  inlineEventHandlerContents,
+  inlineStyleContents
+} from './html-parsers.js'
 import { contentHash, hashAlgorithmFromCspSourceValues } from './utils.js'
 
 const debug = makeDebug('csp/hash')
@@ -99,19 +104,17 @@ export const uniqueHashes = async ({
   )
 
   const promises = paths.map(async (filepath) => {
-    // contents in a single page
     const contents: string[] = await parser(filepath)
-    // content hashes in a single page
     return contents.map((content) => contentHash({ algorithm, content }))
   })
 
   // unflattened, with duplicates
   const hashes = await Promise.all(promises)
-  // flattened, without duplicates
-  const hashesUnique = [...new Set(...hashes)]
+  // flattened, without duplicates and empty hashes
+  const hashesUnique = [...new Set(...hashes.filter((hash) => hash.length > 0))]
 
   debug(
-    ` ${hashesUnique.length} ${
+    `${hashesUnique.length} ${
       hashesUnique.length === 1 ? `hash` : `unique hashes`
     } computed from inlined content (across all pages).`
   )
@@ -119,6 +122,17 @@ export const uniqueHashes = async ({
   return hashesUnique
 }
 
+/**
+ * @internal
+ */
+export const hashesScriptSrcAttr = async ({ algorithm, patterns }: Config) => {
+  return await uniqueHashes({
+    algorithm,
+    parser: inlineEventHandlerContents,
+    patterns
+  })
+}
+
 /**
  * @internal
  */
@@ -130,6 +144,17 @@ export const hashesScriptSrcElem = async ({ algorithm, patterns }: Config) => {
   })
 }
 
+/**
+ * @internal
+ */
+export const hashesStyleSrcAttr = async ({ algorithm, patterns }: Config) => {
+  return await uniqueHashes({
+    algorithm,
+    parser: inlineStyleContents,
+    patterns
+  })
+}
+
 /**
  * @internal
  */
diff --git a/packages/content-security-policy/src/html-parser.ts b/packages/content-security-policy/src/html-parser.ts
deleted file mode 100644
index 007a566f..00000000
--- a/packages/content-security-policy/src/html-parser.ts
+++ /dev/null
@@ -1,103 +0,0 @@
-import fs from 'node:fs'
-import util from 'node:util'
-import makeDebug from 'debug'
-import { parse, parseDefaults } from 'himalaya'
-// import type { HimalayaJson } from '../../../custom-types/himalaya/index.js'
-
-const debug = makeDebug('csp/html-parser')
-
-const readFileAsync = util.promisify(fs.readFile)
-
-interface HimalayaJson {
-  children: any[]
-  content: string
-  tagName: string
-  filter: (predicate: (x: any) => boolean) => any
-}
-
-const isHtml = (json: HimalayaJson) => json.tagName === 'html'
-
-const isHead = (json: HimalayaJson) => json.tagName === 'head'
-
-const children = (json: HimalayaJson) => json.children
-
-const isScriptTag = (json: HimalayaJson) => json.tagName === 'script'
-
-const isStyleTag = (json: HimalayaJson) => json.tagName === 'style'
-
-const content = (json: HimalayaJson) => json.content
-
-// for debugging
-// const tap = (json: HimalayaJson) => {
-//   console.log('=== Himalaya tap ===')
-//   console.log(json)
-//   return json
-// }
-
-const getScriptTagsContents = (json: HimalayaJson): string[] => {
-  // .map(tap)
-  return json
-    .filter(isHtml)
-    .flatMap(children)
-    .filter(isHead)
-    .flatMap(children)
-    .filter(isScriptTag)
-    .flatMap(children)
-    .map(content)
-}
-
-const getStyleTagsContents = (json: HimalayaJson): string[] => {
-  // .map(tap)
-  return json
-    .filter(isHtml)
-    .flatMap(children)
-    .filter(isHead)
-    .flatMap(children)
-    .filter(isStyleTag)
-    .flatMap(children)
-    .map(content)
-}
-
-/**
- * Parses a HTML file and retrieves the content of all `<script>` tags in `<head>`.
- *
- * filepath is the fullpath to the HTML file to parse.
- *
- * @internal
- */
-export const scriptTagsContents = async (filepath: string) => {
-  debug(`Look for <script> tags inlined in <head> in ${filepath}`)
-
-  let html: string
-  try {
-    html = await readFileAsync(filepath, { encoding: 'utf8' })
-    // https://github.com/andrejewski/himalaya/blob/master/text/ast-spec-v1.md
-    // https://github.com/andrejewski/himalaya/blob/f0b870011b84da362c863dc914157f30d4a603ac/src/index.js#L12
-  } catch (err: any) {
-    throw new Error(`Could not parse ${filepath}\n${err.message}`)
-  }
-
-  const json = parse(html, { ...parseDefaults, includePositions: false })
-  return getScriptTagsContents(json)
-}
-
-/**
- * Parses a HTML file and retrieves the content of all `<style>` tags in `<head>`.
- *
- * filepath is the fullpath to the HTML file to parse.
- *
- * @internal
- */
-export const styleTagsContents = async (filepath: string) => {
-  debug(`Look for <style> tags inlined in <head> in ${filepath}`)
-
-  let html: string
-  try {
-    html = await readFileAsync(filepath, { encoding: 'utf8' })
-  } catch (err: any) {
-    throw new Error(`Could not parse ${filepath}\n${err.message}`)
-  }
-
-  const json = parse(html, { ...parseDefaults, includePositions: false })
-  return getStyleTagsContents(json)
-}
diff --git a/packages/content-security-policy/src/html-parsers.ts b/packages/content-security-policy/src/html-parsers.ts
new file mode 100644
index 00000000..84309e09
--- /dev/null
+++ b/packages/content-security-policy/src/html-parsers.ts
@@ -0,0 +1,222 @@
+import fs from 'node:fs'
+import util from 'node:util'
+import makeDebug from 'debug'
+import { parse, parseDefaults } from 'himalaya'
+// import type { HimalayaJson } from '../../../custom-types/himalaya/index.js'
+
+const debug = makeDebug('csp/html-parsers')
+
+const readFileAsync = util.promisify(fs.readFile)
+
+type NodeType = 'element' | 'comment' | 'text'
+
+interface Node {
+  type: NodeType
+}
+
+interface Attribute {
+  key: string
+  value?: string
+}
+
+export interface Element extends Node {
+  type: 'element'
+  tagName: string
+  children: Node[] | Element[]
+  attributes: Attribute[]
+}
+
+// https://github.com/andrejewski/himalaya/blob/master/text/ast-spec-v1.md
+interface HimalayaJson {
+  children: any[]
+  content: string
+  tagName: string
+  filter: (predicate: (x: any) => boolean) => any
+}
+
+const isHtml = (json: HimalayaJson) => json.tagName === 'html'
+
+const isHead = (json: HimalayaJson) => json.tagName === 'head'
+
+const isBody = (json: HimalayaJson) => json.tagName === 'body'
+
+const children = (json: HimalayaJson) => json.children
+
+const isScriptTag = (json: HimalayaJson) => json.tagName === 'script'
+
+const isStyleTag = (json: HimalayaJson) => json.tagName === 'style'
+
+const content = (json: HimalayaJson) => json.content
+
+// for debugging
+export const tap = (json: HimalayaJson) => {
+  console.log('=== Himalaya tap ===')
+  console.log(json)
+  // console.log(JSON.stringify(json, null, 2))
+  return json
+}
+
+const propertyValue = (elem: Element, property: string) => {
+  return elem.attributes
+    .filter((attr) => attr.key.toLowerCase() === property)
+    .filter((attr) => attr.value !== undefined)
+    .map((attr) => attr.value!)
+}
+
+const getScriptTagsContents = (json: HimalayaJson): string[] => {
+  return json
+    .filter(isHtml)
+    .flatMap(children)
+    .filter(isHead)
+    .flatMap(children)
+    .filter(isScriptTag)
+    .flatMap(children)
+    .map(content)
+}
+
+const eventHandlerContents = (json: HimalayaJson) => {
+  const contents: string[] = []
+
+  const recur = (node: Node): void => {
+    if (node.type !== 'element') {
+      return
+    }
+
+    const elem = node as Element
+    if (elem.children) {
+      // TODO: consider other inlined JS snippts (onhover, onmousehover, etc)
+      const snippets = propertyValue(elem, 'onclick')
+      if (snippets.length > 0) {
+        contents.push(...snippets)
+      }
+      elem.children.forEach((child) => recur(child))
+      return
+    } else {
+      return
+    }
+  }
+
+  recur(json as any)
+
+  return contents
+}
+
+const styleContents = (json: HimalayaJson) => {
+  const contents: string[] = []
+
+  const recur = (node: Node): void => {
+    if (node.type !== 'element') {
+      return
+    }
+
+    const elem = node as Element
+
+    if (elem.children) {
+      const snippets = propertyValue(elem, 'style')
+      if (snippets.length > 0) {
+        contents.push(...snippets)
+      }
+      elem.children.forEach((child) => recur(child))
+      return
+    } else {
+      return
+    }
+  }
+
+  recur(json as any)
+
+  return contents
+}
+
+const getInlineEventHandlerContents = (json: HimalayaJson): string[] => {
+  return json
+    .filter(isHtml)
+    .flatMap(children)
+    .filter(isBody)
+    .flatMap(children)
+    .flatMap(eventHandlerContents)
+  // .map(tap)
+}
+
+const getInlineStyleContents = (json: HimalayaJson): string[] => {
+  return json
+    .filter(isHtml)
+    .flatMap(children)
+    .filter(isBody)
+    .flatMap(children)
+    .flatMap(styleContents)
+  // .map(tap)
+}
+
+const getStyleTagsContents = (json: HimalayaJson): string[] => {
+  return json
+    .filter(isHtml)
+    .flatMap(children)
+    .filter(isHead)
+    .flatMap(children)
+    .filter(isStyleTag)
+    .flatMap(children)
+    .map(content)
+}
+
+/**
+ *
+ * filepath is the fullpath to the HTML file to parse.
+ *
+ * @internal
+ *
+ * https://github.com/andrejewski/himalaya/blob/master/text/ast-spec-v1.md
+ * https://github.com/andrejewski/himalaya/blob/f0b870011b84da362c863dc914157f30d4a603ac/src/index.js#L12
+ */
+const himalayaJson = async (filepath: string) => {
+  try {
+    const html = await readFileAsync(filepath, { encoding: 'utf8' })
+    return parse(html, { ...parseDefaults, includePositions: false })
+  } catch (err: any) {
+    throw new Error(`Could not parse ${filepath}\n${err.message}`)
+  }
+}
+
+/**
+ * Parses a HTML file and retrieves the content of all `<script>` tags in `<head>`.
+ *
+ * @internal
+ */
+export const scriptTagsContents = async (filepath: string) => {
+  debug(`Look for <script> tags inlined in <head> in ${filepath}`)
+  const json = await himalayaJson(filepath)
+  return getScriptTagsContents(json)
+}
+
+/**
+ * Parses a HTML file and retrieves the content of all `<style>` tags in `<head>`.
+ *
+ * @internal
+ */
+export const styleTagsContents = async (filepath: string) => {
+  debug(`Look for <style> tags inlined in <head> in ${filepath}`)
+  const json = await himalayaJson(filepath)
+  return getStyleTagsContents(json)
+}
+
+/**
+ * Parses a HTML file and retrieves the content of all inline event handlers in `<body>`.
+ *
+ * @internal
+ */
+export const inlineEventHandlerContents = async (filepath: string) => {
+  debug(`Look for event handlers inlined in <body> in ${filepath}`)
+  const json = await himalayaJson(filepath)
+  return getInlineEventHandlerContents(json)
+}
+
+/**
+ * Parses a HTML file and retrieves the content of all inline styles in `<body>`.
+ *
+ * @internal
+ */
+export const inlineStyleContents = async (filepath: string) => {
+  debug(`Look for inline styles in <body> in ${filepath}`)
+  const json = await himalayaJson(filepath)
+  return getInlineStyleContents(json)
+}
diff --git a/packages/content-security-policy/src/source-values.ts b/packages/content-security-policy/src/source-values.ts
index caa84bf4..bc051628 100644
--- a/packages/content-security-policy/src/source-values.ts
+++ b/packages/content-security-policy/src/source-values.ts
@@ -2,7 +2,9 @@ import makeDebug from 'debug'
 import {
   hashAlgorithmMap,
   noHashSpecifiedMessage,
+  hashesScriptSrcAttr,
   hashesScriptSrcElem,
+  hashesStyleSrcAttr,
   hashesStyleSrcElem
 } from './hash.js'
 import type { Algorithm, DirectiveKey } from './hash.js'
@@ -54,7 +56,8 @@ const hashAlgorithm = ({ directive, directives }: AlgorithmConfig) => {
  */
 export const cspSourceValuesScriptAttr = async ({
   directive,
-  directives
+  directives,
+  patterns
 }: Config) => {
   const algorithm = hashAlgorithm({ directive, directives })
 
@@ -63,9 +66,19 @@ export const cspSourceValuesScriptAttr = async ({
     return directives[directive]
   }
 
-  throw new Error(
-    `NOT IMPLEMENTED: content hash generation for the ${directive} CSP directive is currently not implemented. Use 'unsafe-hashes' instead.`
+  debug(
+    `CSP directive ${directive}: parse HTML and compute ${algorithm} hashes`
   )
+
+  const hashes = await hashesScriptSrcAttr({ algorithm, patterns })
+
+  debug(`CSP directive ${directive}: allow hashes %O`, hashes)
+
+  return cspSourceValues({
+    algorithm,
+    hashes,
+    values: directives[directive]
+  })
 }
 
 /**
@@ -79,13 +92,13 @@ export const cspSourceValuesScriptElem = async ({
   const algorithm = hashAlgorithm({ directive, directives })
 
   if (!algorithm) {
-    debug(
-      `CSP directive ${directive}: no has algorithm specified. No hash will be generated. Return original CSP source values.`
-    )
+    debug(noHashSpecifiedMessage(directive))
     return directives[directive]
   }
 
-  debug(noHashSpecifiedMessage(directive))
+  debug(
+    `CSP directive ${directive}: parse HTML and compute ${algorithm} hashes`
+  )
 
   const hashes = await hashesScriptSrcElem({
     algorithm,
@@ -106,7 +119,8 @@ export const cspSourceValuesScriptElem = async ({
  */
 export const cspSourceValuesStyleAttr = async ({
   directive,
-  directives
+  directives,
+  patterns
 }: Config) => {
   const algorithm = hashAlgorithm({ directive, directives })
 
@@ -115,9 +129,19 @@ export const cspSourceValuesStyleAttr = async ({
     return directives[directive]
   }
 
-  throw new Error(
-    `NOT IMPLEMENTED: content hash generation for the ${directive} CSP directive is currently not implemented. Use 'unsafe-inline' instead.`
+  debug(
+    `CSP directive ${directive}: parse HTML and compute ${algorithm} hashes`
   )
+
+  const hashes = await hashesStyleSrcAttr({ algorithm, patterns })
+
+  debug(`CSP directive ${directive}: allow hashes %O`, hashes)
+
+  return cspSourceValues({
+    algorithm,
+    hashes,
+    values: directives[directive]
+  })
 }
 
 /**
diff --git a/scripts/test.mjs b/scripts/test.mjs
index 53de9524..5cb05fb0 100755
--- a/scripts/test.mjs
+++ b/scripts/test.mjs
@@ -3,7 +3,6 @@
 import 'zx/globals'
 import { spawn } from 'node:child_process'
 import { throwIfInvokedFromMonorepoRoot } from './utils.mjs'
-import { argv } from 'node:process'
 
 // Usage (from a package root):
 // ../../scripts/test.mjs

From 482e12e8316e35dd9c4f599792d57de62717f759 Mon Sep 17 00:00:00 2001
From: Giacomo Debidda <giacomo@giacomodebidda.com>
Date: Thu, 29 Sep 2022 00:02:32 +0200
Subject: [PATCH 08/15] feat(scripts): add demo for content-security-policy

---
 packages/scripts/package.json                 |  1 +
 .../src/demo/content-security-policy.ts       | 68 +++++++++++++++++++
 2 files changed, 69 insertions(+)
 create mode 100644 packages/scripts/src/demo/content-security-policy.ts

diff --git a/packages/scripts/package.json b/packages/scripts/package.json
index 4bf8bc68..7d4d0731 100644
--- a/packages/scripts/package.json
+++ b/packages/scripts/package.json
@@ -41,6 +41,7 @@
     "@google-cloud/monitoring": "^3.0.1",
     "@google-cloud/pubsub": "^3.1.1",
     "@google-cloud/tasks": "^3.0.2",
+    "@jackdbd/content-security-policy": "*",
     "@jackdbd/tags-logger": "^1.1.0",
     "debug": "4.3.4",
     "esbuild": "0.15.7",
diff --git a/packages/scripts/src/demo/content-security-policy.ts b/packages/scripts/src/demo/content-security-policy.ts
new file mode 100644
index 00000000..e481f426
--- /dev/null
+++ b/packages/scripts/src/demo/content-security-policy.ts
@@ -0,0 +1,68 @@
+import path from 'node:path'
+import PrettyError from 'pretty-error'
+import { cspJSON } from '@jackdbd/content-security-policy'
+import { monorepoRoot } from '@jackdbd/utils/path'
+
+const pe = new PrettyError()
+
+const main = async () => {
+  const directives = {
+    'base-uri': ['self'],
+
+    'connect-src': [
+      'self',
+      'cloudflareinsights.com',
+      'plausible.io',
+      'res.cloudinary.com'
+    ],
+
+    'default-src': ['none'],
+
+    'font-src': ['self'],
+
+    'frame-src': [
+      'https://www.youtube.com/embed/',
+      'https://www.youtube-nocookie.com/',
+      'https://player.vimeo.com/video/'
+    ],
+
+    'img-src': [
+      'self',
+      'github.com',
+      'raw.githubusercontent.com',
+      'res.cloudinary.com'
+    ],
+
+    // https://makandracards.com/makandra/503862-using-inline-event-handlers-with-a-strict-content-security-policy-csp
+    'script-src-attr': ['self', 'unsafe-hashes', 'sha256'],
+
+    'script-src-elem': [
+      'self',
+      'https://plausible.io/js/plausible.js',
+      'https://static.cloudflareinsights.com/beacon.min.js',
+      'https://unpkg.com/htm/preact/standalone.module.js'
+    ],
+
+    // https://content-security-policy.com/examples/allow-inline-style/
+    'style-src-attr': ['self', 'unsafe-hashes', 'sha256'],
+
+    'style-src-elem': ['self', 'sha256'],
+
+    'worker-src': ['self']
+  }
+
+  //   const patterns = ['assets/html-pages/**/*.html']
+  const patterns = [
+    path.join(monorepoRoot(), 'assets', 'html-pages', '**/*.html')
+  ]
+
+  try {
+    const obj = await cspJSON({ directives, patterns })
+    console.log(`\nHere is the Content-Security-Policy\n`)
+    console.log(obj)
+  } catch (err: any) {
+    console.log(pe.render(err))
+  }
+}
+
+main()

From 11c8d22dc4defe7a6ac9e70214b846716f04d81e Mon Sep 17 00:00:00 2001
From: semantic-release-bot <semantic-release-bot@martynus.net>
Date: Wed, 28 Sep 2022 22:04:17 +0000
Subject: [PATCH 09/15] chore(content-security-policy): release
 v.1.0.0-canary.4 [skip ci]

## @jackdbd/content-security-policy [1.0.0-canary.4](https://github.com/jackdbd/calderone/compare/@jackdbd/content-security-policy@1.0.0-canary.3...@jackdbd/content-security-policy@1.0.0-canary.4) (2022-09-28)

### Features

* **content-security-policy:** autogenerate hashes for inline script/style ([b1a40f6](https://github.com/jackdbd/calderone/commit/b1a40f630250d5d3d18bc2171d0875c357fe33e2))
---
 packages/content-security-policy/CHANGELOG.md | 7 +++++++
 packages/content-security-policy/package.json | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/packages/content-security-policy/CHANGELOG.md b/packages/content-security-policy/CHANGELOG.md
index 977c7950..d4049e62 100644
--- a/packages/content-security-policy/CHANGELOG.md
+++ b/packages/content-security-policy/CHANGELOG.md
@@ -1,5 +1,12 @@
 # CHANGELOG
 
+## @jackdbd/content-security-policy [1.0.0-canary.4](https://github.com/jackdbd/calderone/compare/@jackdbd/content-security-policy@1.0.0-canary.3...@jackdbd/content-security-policy@1.0.0-canary.4) (2022-09-28)
+
+
+### Features
+
+* **content-security-policy:** autogenerate hashes for inline script/style ([b1a40f6](https://github.com/jackdbd/calderone/commit/b1a40f630250d5d3d18bc2171d0875c357fe33e2))
+
 ## @jackdbd/content-security-policy [1.0.0-canary.3](https://github.com/jackdbd/calderone/compare/@jackdbd/content-security-policy@1.0.0-canary.2...@jackdbd/content-security-policy@1.0.0-canary.3) (2022-09-28)
 
 
diff --git a/packages/content-security-policy/package.json b/packages/content-security-policy/package.json
index b41d59a6..ed6d1228 100644
--- a/packages/content-security-policy/package.json
+++ b/packages/content-security-policy/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@jackdbd/content-security-policy",
-  "version": "1.0.0-canary.3",
+  "version": "1.0.0-canary.4",
   "description": "",
   "author": {
     "name": "Giacomo Debidda",

From 05083d529948919ef746ae9eb21afdd35d24a156 Mon Sep 17 00:00:00 2001
From: Giacomo Debidda <giacomo@giacomodebidda.com>
Date: Tue, 4 Oct 2022 16:44:41 +0200
Subject: [PATCH 10/15] test(secret-manager-utils): add scripts to
 create/delete secret

---
 packages/secret-manager-utils/package.json |  9 +++--
 scripts/create-test-secret.mjs             | 39 ++++++++++++++++++++++
 scripts/delete-test-secret.mjs             | 28 ++++++++++++++++
 3 files changed, 73 insertions(+), 3 deletions(-)
 create mode 100755 scripts/create-test-secret.mjs
 create mode 100755 scripts/delete-test-secret.mjs

diff --git a/packages/secret-manager-utils/package.json b/packages/secret-manager-utils/package.json
index eaa54fbb..3a5fb406 100644
--- a/packages/secret-manager-utils/package.json
+++ b/packages/secret-manager-utils/package.json
@@ -65,9 +65,12 @@
     "nuke": "npm run clean && rimraf node_modules 'package-lock.json'",
     "precommit": "lint-staged --config ../../config/lint-staged.cjs",
     "size": "pkg-size ./lib --sort-by=brotli --ignore-files {*.d.ts,*.map}",
-    "test": "../../scripts/test.mjs",
-    "test:ci": "../../scripts/test.mjs --ci",
-    "test:watch": "npm run test -- --watch"
+    "pretest": "../../scripts/create-test-secret.mjs",
+    "test": "../../scripts/test.mjs --runInBand --detectOpenHandles",
+    "posttest": "../../scripts/delete-test-secret.mjs",
+    "pretest:ci": "../../scripts/create-test-secret.mjs",
+    "test:ci": "../../scripts/test.mjs --runInBand --detectOpenHandles --ci",
+    "posttest:ci": "../../scripts/delete-test-secret.mjs"
   },
   "dependencies": {},
   "peerDependencies": {
diff --git a/scripts/create-test-secret.mjs b/scripts/create-test-secret.mjs
new file mode 100755
index 00000000..cf2f4d48
--- /dev/null
+++ b/scripts/create-test-secret.mjs
@@ -0,0 +1,39 @@
+#!/usr/bin/env zx
+
+import 'zx/globals'
+import { SecretManagerServiceClient } from '@google-cloud/secret-manager'
+import { jsonSecret, throwIfInvokedFromMonorepoRoot } from './utils.mjs'
+
+// Usage (from a package root):
+// ../../scripts/create-test-secret.mjs
+
+throwIfInvokedFromMonorepoRoot(process.env.PWD)
+
+const { client_email, private_key, project_id } = jsonSecret(
+  'sa-secret-manager-admin-test'
+)
+
+const secret_manager = new SecretManagerServiceClient({
+  credentials: { client_email, private_key },
+  projectId: project_id
+})
+
+const secret_name = 'TEST_SECRET'
+
+try {
+  const [secret] = await secret_manager.createSecret({
+    parent: `projects/${project_id}`,
+    secret: {
+      name: secret_name,
+      labels: { customer: 'personal' },
+      replication: {
+        automatic: {}
+      }
+    },
+    secretId: secret_name
+  })
+
+  console.log(chalk.yellow(`created secret ${secret.name}`))
+} catch (err) {
+  console.log(chalk.red(err.message))
+}
diff --git a/scripts/delete-test-secret.mjs b/scripts/delete-test-secret.mjs
new file mode 100755
index 00000000..227f4965
--- /dev/null
+++ b/scripts/delete-test-secret.mjs
@@ -0,0 +1,28 @@
+#!/usr/bin/env zx
+
+import 'zx/globals'
+import { SecretManagerServiceClient } from '@google-cloud/secret-manager'
+import { jsonSecret, throwIfInvokedFromMonorepoRoot } from './utils.mjs'
+
+// Usage (from a package root):
+// ../../scripts/delete-test-secret.mjs
+
+throwIfInvokedFromMonorepoRoot(process.env.PWD)
+
+const { client_email, private_key, project_id } = jsonSecret(
+  'sa-secret-manager-admin-test'
+)
+
+const secret_manager = new SecretManagerServiceClient({
+  credentials: { client_email, private_key },
+  projectId: project_id
+})
+
+const secret_name = 'TEST_SECRET'
+const name = `projects/${project_id}/secrets/${secret_name}`
+
+await secret_manager.deleteSecret({ name })
+
+console.log(
+  chalk.yellow(`deleted secret ${secret_name} in project ${project_id}`)
+)

From fdbc4dc0b7a473066e402fdf773d6e6cdb4f4556 Mon Sep 17 00:00:00 2001
From: Giacomo Debidda <giacomo@giacomodebidda.com>
Date: Tue, 4 Oct 2022 17:33:04 +0200
Subject: [PATCH 11/15] docs(content-security-policy): improve README and
 rebuild docs

---
 .../assets/highlight.css                      |  49 ++++++
 .../functions/cspDirectives.html              |   2 +-
 .../functions/cspHeader.html                  |   2 +-
 .../functions/cspJSON.html                    |   2 +-
 .../functions/validationErrorOrWarnings.html  |   2 +-
 docs/content-security-policy/index.html       |  51 +++++-
 .../interfaces/Config.html                    |   6 +-
 .../interfaces/Directives.html                |   2 +-
 .../ValidationErrorOrWarningsConfig.html      |   6 +-
 .../variables/recommended_policy.html         |   2 +-
 .../variables/starter_policy.html             |   2 +-
 package.json                                  |   1 +
 packages/content-security-policy/README.md    |  64 +++++++-
 .../src/demo/content-security-policy.ts       | 145 +++++++++++++-----
 14 files changed, 281 insertions(+), 55 deletions(-)

diff --git a/docs/content-security-policy/assets/highlight.css b/docs/content-security-policy/assets/highlight.css
index 1b78686f..a799c3f1 100644
--- a/docs/content-security-policy/assets/highlight.css
+++ b/docs/content-security-policy/assets/highlight.css
@@ -1,29 +1,78 @@
 :root {
     --light-hl-0: #000000;
     --dark-hl-0: #D4D4D4;
+    --light-hl-1: #AF00DB;
+    --dark-hl-1: #C586C0;
+    --light-hl-2: #001080;
+    --dark-hl-2: #9CDCFE;
+    --light-hl-3: #A31515;
+    --dark-hl-3: #CE9178;
+    --light-hl-4: #008000;
+    --dark-hl-4: #6A9955;
+    --light-hl-5: #0000FF;
+    --dark-hl-5: #569CD6;
+    --light-hl-6: #0070C1;
+    --dark-hl-6: #4FC1FF;
+    --light-hl-7: #795E26;
+    --dark-hl-7: #DCDCAA;
     --light-code-background: #FFFFFF;
     --dark-code-background: #1E1E1E;
 }
 
 @media (prefers-color-scheme: light) { :root {
     --hl-0: var(--light-hl-0);
+    --hl-1: var(--light-hl-1);
+    --hl-2: var(--light-hl-2);
+    --hl-3: var(--light-hl-3);
+    --hl-4: var(--light-hl-4);
+    --hl-5: var(--light-hl-5);
+    --hl-6: var(--light-hl-6);
+    --hl-7: var(--light-hl-7);
     --code-background: var(--light-code-background);
 } }
 
 @media (prefers-color-scheme: dark) { :root {
     --hl-0: var(--dark-hl-0);
+    --hl-1: var(--dark-hl-1);
+    --hl-2: var(--dark-hl-2);
+    --hl-3: var(--dark-hl-3);
+    --hl-4: var(--dark-hl-4);
+    --hl-5: var(--dark-hl-5);
+    --hl-6: var(--dark-hl-6);
+    --hl-7: var(--dark-hl-7);
     --code-background: var(--dark-code-background);
 } }
 
 :root[data-theme='light'] {
     --hl-0: var(--light-hl-0);
+    --hl-1: var(--light-hl-1);
+    --hl-2: var(--light-hl-2);
+    --hl-3: var(--light-hl-3);
+    --hl-4: var(--light-hl-4);
+    --hl-5: var(--light-hl-5);
+    --hl-6: var(--light-hl-6);
+    --hl-7: var(--light-hl-7);
     --code-background: var(--light-code-background);
 }
 
 :root[data-theme='dark'] {
     --hl-0: var(--dark-hl-0);
+    --hl-1: var(--dark-hl-1);
+    --hl-2: var(--dark-hl-2);
+    --hl-3: var(--dark-hl-3);
+    --hl-4: var(--dark-hl-4);
+    --hl-5: var(--dark-hl-5);
+    --hl-6: var(--dark-hl-6);
+    --hl-7: var(--dark-hl-7);
     --code-background: var(--dark-code-background);
 }
 
 .hl-0 { color: var(--hl-0); }
+.hl-1 { color: var(--hl-1); }
+.hl-2 { color: var(--hl-2); }
+.hl-3 { color: var(--hl-3); }
+.hl-4 { color: var(--hl-4); }
+.hl-5 { color: var(--hl-5); }
+.hl-6 { color: var(--hl-6); }
+.hl-7 { color: var(--hl-7); }
 pre, code { background: var(--code-background); }
diff --git a/docs/content-security-policy/functions/cspDirectives.html b/docs/content-security-policy/functions/cspDirectives.html
index a653ccdf..9ff3fd32 100644
--- a/docs/content-security-policy/functions/cspDirectives.html
+++ b/docs/content-security-policy/functions/cspDirectives.html
@@ -24,7 +24,7 @@ <h4 class="tsd-parameters-title">Parameters</h4>
 <h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
 <h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L24">csp-directives.ts:24</a></li></ul></aside></li></ul></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/csp-directives.ts#L24">csp-directives.ts:24</a></li></ul></aside></li></ul></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/functions/cspHeader.html b/docs/content-security-policy/functions/cspHeader.html
index 06514089..0f0a9115 100644
--- a/docs/content-security-policy/functions/cspHeader.html
+++ b/docs/content-security-policy/functions/cspHeader.html
@@ -24,7 +24,7 @@ <h4 class="tsd-parameters-title">Parameters</h4>
 <h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
 <h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L107">csp-directives.ts:107</a></li></ul></aside></li></ul></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/csp-directives.ts#L107">csp-directives.ts:107</a></li></ul></aside></li></ul></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/functions/cspJSON.html b/docs/content-security-policy/functions/cspJSON.html
index f76757e0..74ccab4b 100644
--- a/docs/content-security-policy/functions/cspJSON.html
+++ b/docs/content-security-policy/functions/cspJSON.html
@@ -24,7 +24,7 @@ <h4 class="tsd-parameters-title">Parameters</h4>
 <h5>__namedParameters: <a href="../interfaces/Config.html" class="tsd-signature-type" data-tsd-kind="Interface">Config</a></h5></li></ul></div>
 <h4 class="tsd-returns-title">Returns <span class="tsd-signature-type">Promise</span><span class="tsd-signature-symbol">&lt;</span><span class="tsd-signature-symbol">{}</span><span class="tsd-signature-symbol">&gt;</span></h4><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L119">csp-directives.ts:119</a></li></ul></aside></li></ul></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/csp-directives.ts#L119">csp-directives.ts:119</a></li></ul></aside></li></ul></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/functions/validationErrorOrWarnings.html b/docs/content-security-policy/functions/validationErrorOrWarnings.html
index f3fe45f3..ad7d8c09 100644
--- a/docs/content-security-policy/functions/validationErrorOrWarnings.html
+++ b/docs/content-security-policy/functions/validationErrorOrWarnings.html
@@ -24,7 +24,7 @@ <h4 class="tsd-parameters-title">Parameters</h4>
 <h5>__namedParameters: <a href="../interfaces/ValidationErrorOrWarningsConfig.html" class="tsd-signature-type" data-tsd-kind="Interface">ValidationErrorOrWarningsConfig</a></h5></li></ul></div>
 <h4 class="tsd-returns-title">Returns <span class="tsd-signature-symbol">{ </span>error<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">undefined</span><span class="tsd-signature-symbol">; </span>warnings<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol"> }</span><span class="tsd-signature-symbol"> | </span><span class="tsd-signature-symbol">{ </span>error<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">Error</span><span class="tsd-signature-symbol">; </span>warnings<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span><span class="tsd-signature-symbol"> }</span></h4><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/errors.ts#L15">errors.ts:15</a></li></ul></aside></li></ul></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/errors.ts#L15">errors.ts:15</a></li></ul></aside></li></ul></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/index.html b/docs/content-security-policy/index.html
index 1f04683e..3fdf3d2f 100644
--- a/docs/content-security-policy/index.html
+++ b/docs/content-security-policy/index.html
@@ -16,14 +16,25 @@ <h1>@jackdbd/content-security-policy</h1>
 </a>
 <p><a href="https://badge.fury.io/js/@jackdbd%2Fcontent-security-policy"><img src="https://badge.fury.io/js/@jackdbd%2Fcontent-security-policy.svg" alt="npm version"></a>
 <img src="https://img.shields.io/snyk/vulnerabilities/npm/@jackdbd%2Fcontent-security-policy" alt="Snyk Vulnerabilities for npm package"></p>
-<p>Description...</p>
+<p>Content-Security-Policy in JavaScript, with validation and automatic hashes.</p>
+<p>This package validates your Content-Security-Policy directives and calculates a crypographic hash (SHA-256, SHA-384 or SHA-512) for all inline scripts and styles that finds in each HTML file.</p>
+<blockquote>
+<p>:information_source: <strong>Note:</strong></p>
+<p>:question: If your site is built with <a href="https://www.11ty.dev/">Eleventy</a>, you can also use <a href="https://www.npmjs.com/package/@jackdbd/eleventy-plugin-content-security-policy">@jackdbd/eleventy-plugin-content-security-policy</a>, which also take care of writing the Content-Security-Policy header in a <code>_headers</code> file.</p>
+</blockquote>
 <!-- START doctoc generated TOC please keep comment here to allow auto update -->
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 <details><summary>Table of Contents</summary>
 
 <ul>
 <li><a href="#installation">Installation</a></li>
+<li><a href="#usage">Usage</a></li>
+<li><a href="#configuration">Configuration</a><ul>
+<li><a href="#required-parameters">Required parameters</a></li>
+</ul>
+</li>
 <li><a href="#api">API</a></li>
+<li><a href="#prior-art">Prior art</a></li>
 </ul>
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
 </details>
@@ -35,10 +46,48 @@ <h2>Installation</h2>
 <pre><code class="language-sh"><span class="hl-0">npm install @jackdbd/content-security-policy</span>
 </code></pre>
 
+<a href="#usage" id="usage" style="color: inherit; text-decoration: none;">
+  <h2>Usage</h2>
+</a>
+<pre><code class="language-js"><span class="hl-1">import</span><span class="hl-0"> </span><span class="hl-2">path</span><span class="hl-0"> </span><span class="hl-1">from</span><span class="hl-0"> </span><span class="hl-3">&#39;node:path&#39;</span><br/><span class="hl-4">// pick the format you prefer: object, header (single string), directives (N strings)</span><br/><span class="hl-1">import</span><span class="hl-0"> {</span><br/><span class="hl-0">  </span><span class="hl-2">cspJSON</span><span class="hl-0">,</span><br/><span class="hl-0">  </span><span class="hl-2">cspHeader</span><span class="hl-0">,</span><br/><span class="hl-0">  </span><span class="hl-2">cspDirectives</span><br/><span class="hl-0">} </span><span class="hl-1">from</span><span class="hl-0"> </span><span class="hl-3">&#39;@jackdbd/content-security-policy&#39;</span><br/><br/><span class="hl-4">// the Content-Security-Policy header is made of directives.</span><br/><span class="hl-4">// If you don&#39;t know where to start, use one of the following policies:</span><br/><span class="hl-1">import</span><span class="hl-0"> {</span><br/><span class="hl-0">  </span><span class="hl-2">starter_policy</span><span class="hl-0">,</span><br/><span class="hl-0">  </span><span class="hl-2">recommended_policy</span><br/><span class="hl-0">} </span><span class="hl-1">from</span><span class="hl-0"> </span><span class="hl-3">&#39;@jackdbd/content-security-policy/policies&#39;</span><br/><br/><span class="hl-5">const</span><span class="hl-0"> </span><span class="hl-6">directives</span><span class="hl-0"> = </span><span class="hl-2">recommended_policy</span><br/><br/><span class="hl-5">const</span><span class="hl-0"> </span><span class="hl-6">patterns</span><span class="hl-0"> = [</span><br/><span class="hl-0">  </span><span class="hl-4">// e.g. for a Eleventy site</span><br/><span class="hl-0">  </span><span class="hl-2">path</span><span class="hl-0">.</span><span class="hl-7">join</span><span class="hl-0">(</span><span class="hl-3">&#39;_site&#39;</span><span class="hl-0">, </span><span class="hl-3">&#39;**/*.html&#39;</span><span class="hl-0">)</span><br/><span class="hl-0">]</span><br/><br/><span class="hl-5">const</span><span class="hl-0"> </span><span class="hl-6">obj</span><span class="hl-0"> = </span><span class="hl-1">await</span><span class="hl-0"> </span><span class="hl-7">cspJSON</span><span class="hl-0">({ </span><span class="hl-2">directives</span><span class="hl-0">, </span><span class="hl-2">patterns</span><span class="hl-0"> })</span><br/><span class="hl-2">console</span><span class="hl-0">.</span><span class="hl-7">log</span><span class="hl-0">(</span><span class="hl-3">`Content-Security-Policy (as Object)`</span><span class="hl-0">)</span><br/><span class="hl-2">console</span><span class="hl-0">.</span><span class="hl-7">log</span><span class="hl-0">(</span><span class="hl-2">obj</span><span class="hl-0">)</span><br/><br/><span class="hl-5">const</span><span class="hl-0"> </span><span class="hl-6">header</span><span class="hl-0"> = </span><span class="hl-1">await</span><span class="hl-0"> </span><span class="hl-7">cspHeader</span><span class="hl-0">({ </span><span class="hl-2">directives</span><span class="hl-0">, </span><span class="hl-2">patterns</span><span class="hl-0"> })</span><br/><span class="hl-2">console</span><span class="hl-0">.</span><span class="hl-7">log</span><span class="hl-0">(</span><span class="hl-3">`Content-Security-Policy (as header)`</span><span class="hl-0">)</span><br/><span class="hl-2">console</span><span class="hl-0">.</span><span class="hl-7">log</span><span class="hl-0">(</span><span class="hl-2">header</span><span class="hl-0">)</span><br/><br/><span class="hl-5">const</span><span class="hl-0"> </span><span class="hl-6">strings</span><span class="hl-0"> = </span><span class="hl-1">await</span><span class="hl-0"> </span><span class="hl-7">cspDirectives</span><span class="hl-0">({ </span><span class="hl-2">directives</span><span class="hl-0">, </span><span class="hl-2">patterns</span><span class="hl-0"> })</span><br/><span class="hl-2">console</span><span class="hl-0">.</span><span class="hl-7">log</span><span class="hl-0">(</span><span class="hl-3">`Content-Security-Policy (as strings)`</span><span class="hl-0">)</span><br/><span class="hl-2">console</span><span class="hl-0">.</span><span class="hl-7">log</span><span class="hl-0">(</span><span class="hl-2">strings</span><span class="hl-0">)</span>
+</code></pre>
+
+<a href="#configuration" id="configuration" style="color: inherit; text-decoration: none;">
+  <h2>Configuration</h2>
+</a>
+
+<a href="#required-parameters" id="required-parameters" style="color: inherit; text-decoration: none;">
+  <h3>Required parameters</h3>
+</a>
+<table>
+<thead>
+<tr>
+<th>Parameter</th>
+<th>Explanation</th>
+</tr>
+</thead>
+<tbody><tr>
+<td><code>directives</code></td>
+<td><a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#directives">Directives</a> for the Content-Security-Policy (or Content-Security-Policy-Report-Only) header.</td>
+</tr>
+<tr>
+<td><code>patterns</code></td>
+<td>glob patterns for your <code>.html</code> files.</td>
+</tr>
+</tbody></table>
+
 <a href="#api" id="api" style="color: inherit; text-decoration: none;">
   <h2>API</h2>
 </a>
 <p><a href="https://jackdbd.github.io/calderone/content-security-policy/">API docs generated with TypeDoc</a></p>
+
+<a href="#prior-art" id="prior-art" style="color: inherit; text-decoration: none;">
+  <h2>Prior art</h2>
+</a>
+<ul>
+<li><a href="https://github.com/MarcelloTheArcane/netlify-plugin-csp-generator">netlify-plugin-csp-generator</a></li>
+<li><a href="https://github.com/papandreou/seespee">seespee</a></li>
+</ul>
 </div></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
diff --git a/docs/content-security-policy/interfaces/Config.html b/docs/content-security-policy/interfaces/Config.html
index ba841b27..133ac27b 100644
--- a/docs/content-security-policy/interfaces/Config.html
+++ b/docs/content-security-policy/interfaces/Config.html
@@ -18,7 +18,7 @@ <h4>Hierarchy</h4>
 <ul class="tsd-hierarchy">
 <li><span class="target">Config</span></li></ul></section><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L16">csp-directives.ts:16</a></li></ul></aside>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/csp-directives.ts#L16">csp-directives.ts:16</a></li></ul></aside>
 <section class="tsd-panel-group tsd-index-group">
 <section class="tsd-panel tsd-index-panel">
 <details class="tsd-index-content tsd-index-accordion" open><summary class="tsd-accordion-summary tsd-index-summary">
@@ -35,12 +35,12 @@ <h2>Properties</h2>
 <h3 class="tsd-anchor-link"><span>directives</span><a href="#directives" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none" id="icon-anchor-a"></path><path d="M10 14a3.5 3.5 0 0 0 5 0l4 -4a3.5 3.5 0 0 0 -5 -5l-.5 .5" id="icon-anchor-b"></path><path d="M14 10a3.5 3.5 0 0 0 -5 0l-4 4a3.5 3.5 0 0 0 5 5l.5 -.5" id="icon-anchor-c"></path></svg></a></h3>
 <div class="tsd-signature">directives<span class="tsd-signature-symbol">:</span> <a href="Directives.html" class="tsd-signature-type" data-tsd-kind="Interface">Directives</a></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L17">csp-directives.ts:17</a></li></ul></aside></section>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/csp-directives.ts#L17">csp-directives.ts:17</a></li></ul></aside></section>
 <section class="tsd-panel tsd-member tsd-kind-property tsd-parent-kind-interface"><a id="patterns" class="tsd-anchor"></a>
 <h3 class="tsd-anchor-link"><span>patterns</span><a href="#patterns" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><use href="#icon-anchor-a"></use><use href="#icon-anchor-b"></use><use href="#icon-anchor-c"></use></svg></a></h3>
 <div class="tsd-signature">patterns<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/csp-directives.ts#L18">csp-directives.ts:18</a></li></ul></aside></section></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/csp-directives.ts#L18">csp-directives.ts:18</a></li></ul></aside></section></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/interfaces/Directives.html b/docs/content-security-policy/interfaces/Directives.html
index 396ee8aa..bf01ced8 100644
--- a/docs/content-security-policy/interfaces/Directives.html
+++ b/docs/content-security-policy/interfaces/Directives.html
@@ -21,7 +21,7 @@ <h4>Hierarchy</h4>
 <h4 class="tsd-before-signature">Indexable</h4>
 <div class="tsd-signature"><span class="tsd-signature-symbol">[</span>k: <span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">]: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></div></section><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/directives.ts#L90">directives.ts:90</a></li></ul></aside></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/directives.ts#L90">directives.ts:90</a></li></ul></aside></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html b/docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html
index 89468e07..4b521e26 100644
--- a/docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html
+++ b/docs/content-security-policy/interfaces/ValidationErrorOrWarningsConfig.html
@@ -18,7 +18,7 @@ <h4>Hierarchy</h4>
 <ul class="tsd-hierarchy">
 <li><span class="target">ValidationErrorOrWarningsConfig</span></li></ul></section><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/errors.ts#L7">errors.ts:7</a></li></ul></aside>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/errors.ts#L7">errors.ts:7</a></li></ul></aside>
 <section class="tsd-panel-group tsd-index-group">
 <section class="tsd-panel tsd-index-panel">
 <details class="tsd-index-content tsd-index-accordion" open><summary class="tsd-accordion-summary tsd-index-summary">
@@ -35,12 +35,12 @@ <h2>Properties</h2>
 <h3 class="tsd-anchor-link"><span>allow<wbr/>Deprecated<wbr/>Directives</span><a href="#allowDeprecatedDirectives" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none" id="icon-anchor-a"></path><path d="M10 14a3.5 3.5 0 0 0 5 0l4 -4a3.5 3.5 0 0 0 -5 -5l-.5 .5" id="icon-anchor-b"></path><path d="M14 10a3.5 3.5 0 0 0 -5 0l-4 4a3.5 3.5 0 0 0 5 5l.5 -.5" id="icon-anchor-c"></path></svg></a></h3>
 <div class="tsd-signature">allow<wbr/>Deprecated<wbr/>Directives<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-type">boolean</span></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/errors.ts#L8">errors.ts:8</a></li></ul></aside></section>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/errors.ts#L8">errors.ts:8</a></li></ul></aside></section>
 <section class="tsd-panel tsd-member tsd-kind-property tsd-parent-kind-interface"><a id="error" class="tsd-anchor"></a>
 <h3 class="tsd-anchor-link"><span>error</span><a href="#error" aria-label="Permalink" class="tsd-anchor-icon"><svg class="icon icon-tabler icon-tabler-link" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><use href="#icon-anchor-a"></use><use href="#icon-anchor-b"></use><use href="#icon-anchor-c"></use></svg></a></h3>
 <div class="tsd-signature">error<span class="tsd-signature-symbol">:</span> <span class="tsd-signature-type">any</span></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/errors.ts#L9">errors.ts:9</a></li></ul></aside></section></section></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/errors.ts#L9">errors.ts:9</a></li></ul></aside></section></section></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/variables/recommended_policy.html b/docs/content-security-policy/variables/recommended_policy.html
index 7ccf429e..d6970d28 100644
--- a/docs/content-security-policy/variables/recommended_policy.html
+++ b/docs/content-security-policy/variables/recommended_policy.html
@@ -59,7 +59,7 @@ <h5>style-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-
 <li class="tsd-parameter">
 <h5>upgrade-<wbr/>insecure-<wbr/>requests<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">boolean</span></h5></li></ul></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/policies.ts#L30">policies.ts:30</a></li></ul></aside></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/policies.ts#L30">policies.ts:30</a></li></ul></aside></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/docs/content-security-policy/variables/starter_policy.html b/docs/content-security-policy/variables/starter_policy.html
index 4d3d5033..889d2ade 100644
--- a/docs/content-security-policy/variables/starter_policy.html
+++ b/docs/content-security-policy/variables/starter_policy.html
@@ -35,7 +35,7 @@ <h5>script-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd
 <li class="tsd-parameter">
 <h5>style-<wbr/>src<span class="tsd-signature-symbol">: </span><span class="tsd-signature-type">string</span><span class="tsd-signature-symbol">[]</span></h5></li></ul></div><aside class="tsd-sources">
 <ul>
-<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/8dc7aec/packages/content-security-policy/src/policies.ts#L5">policies.ts:5</a></li></ul></aside></div>
+<li>Defined in <a href="https://github.com/jackdbd/calderone/blob/05083d5/packages/content-security-policy/src/policies.ts#L5">policies.ts:5</a></li></ul></aside></div>
 <div class="col-4 col-menu menu-sticky-wrap menu-highlight">
 <div class="tsd-navigation settings">
 <details class="tsd-index-accordion"><summary class="tsd-accordion-summary">
diff --git a/package.json b/package.json
index 8a1e6ed2..aa326973 100644
--- a/package.json
+++ b/package.json
@@ -37,6 +37,7 @@
     "build:libs": "tsc --build --verbose",
     "build:libs:watch": "tsc --build --watch",
     "clean": "npm run clean --workspaces --if-present",
+    "demo:csp": "tsm packages/scripts/src/demo/content-security-policy.ts --policy custom",
     "dev:scripts": "run-p build:libs:watch build:scripts:watch",
     "format": "npm run format --workspaces --if-present",
     "lint": "npm run lint --workspaces --if-present",
diff --git a/packages/content-security-policy/README.md b/packages/content-security-policy/README.md
index 0548ab34..ed25aac3 100644
--- a/packages/content-security-policy/README.md
+++ b/packages/content-security-policy/README.md
@@ -3,14 +3,24 @@
 [![npm version](https://badge.fury.io/js/@jackdbd%2Fcontent-security-policy.svg)](https://badge.fury.io/js/@jackdbd%2Fcontent-security-policy)
 ![Snyk Vulnerabilities for npm package](https://img.shields.io/snyk/vulnerabilities/npm/@jackdbd%2Fcontent-security-policy)
 
-Description...
+Content-Security-Policy in JavaScript, with validation and automatic hashes.
+
+This package validates your Content-Security-Policy directives and calculates a crypographic hash (SHA-256, SHA-384 or SHA-512) for all inline scripts and styles that finds in each HTML file.
+
+> :information_source: **Note:**
+> 
+> :question: If your site is built with [Eleventy](https://www.11ty.dev/), you can also use [@jackdbd/eleventy-plugin-content-security-policy](https://www.npmjs.com/package/@jackdbd/eleventy-plugin-content-security-policy), which also take care of writing the Content-Security-Policy header in a `_headers` file.
 
 <!-- START doctoc generated TOC please keep comment here to allow auto update -->
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 <details><summary>Table of Contents</summary>
 
 - [Installation](#installation)
+- [Usage](#usage)
+- [Configuration](#configuration)
+  - [Required parameters](#required-parameters)
 - [API](#api)
+- [Prior art](#prior-art)
 
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
 </details>
@@ -21,6 +31,58 @@ Description...
 npm install @jackdbd/content-security-policy
 ```
 
+## Usage
+
+```js
+import path from 'node:path'
+// pick the format you prefer: object, header (single string), directives (N strings)
+import {
+  cspJSON,
+  cspHeader,
+  cspDirectives
+} from '@jackdbd/content-security-policy'
+
+// the Content-Security-Policy header is made of directives.
+// If you don't know where to start, use one of the following policies:
+import {
+  starter_policy,
+  recommended_policy
+} from '@jackdbd/content-security-policy/policies'
+
+const directives = recommended_policy
+
+const patterns = [
+  // e.g. for a Eleventy site
+  path.join('_site', '**/*.html')
+]
+
+const obj = await cspJSON({ directives, patterns })
+console.log(`Content-Security-Policy (as Object)`)
+console.log(obj)
+
+const header = await cspHeader({ directives, patterns })
+console.log(`Content-Security-Policy (as header)`)
+console.log(header)
+
+const strings = await cspDirectives({ directives, patterns })
+console.log(`Content-Security-Policy (as strings)`)
+console.log(strings)
+```
+
+## Configuration
+
+### Required parameters
+
+| Parameter | Explanation |
+| --- | --- |
+| `directives` | [Directives](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#directives) for the Content-Security-Policy (or Content-Security-Policy-Report-Only) header. |
+| `patterns` | glob patterns for your `.html` files. |
+
 ## API
 
 [API docs generated with TypeDoc](https://jackdbd.github.io/calderone/content-security-policy/)
+
+## Prior art
+
+- [netlify-plugin-csp-generator](https://github.com/MarcelloTheArcane/netlify-plugin-csp-generator)
+- [seespee](https://github.com/papandreou/seespee)
diff --git a/packages/scripts/src/demo/content-security-policy.ts b/packages/scripts/src/demo/content-security-policy.ts
index e481f426..c2dd9d71 100644
--- a/packages/scripts/src/demo/content-security-policy.ts
+++ b/packages/scripts/src/demo/content-security-policy.ts
@@ -1,54 +1,99 @@
 import path from 'node:path'
 import PrettyError from 'pretty-error'
-import { cspJSON } from '@jackdbd/content-security-policy'
+import yargs from 'yargs'
+import {
+  cspDirectives,
+  cspHeader,
+  cspJSON
+} from '@jackdbd/content-security-policy'
+import {
+  starter_policy,
+  recommended_policy
+} from '@jackdbd/content-security-policy/policies'
 import { monorepoRoot } from '@jackdbd/utils/path'
 
 const pe = new PrettyError()
 
+interface Argv {
+  format: string
+  policy: string
+}
+
+const DEFAULT: Argv = {
+  format: 'json',
+  policy: 'recommeded'
+}
+
 const main = async () => {
-  const directives = {
-    'base-uri': ['self'],
+  const argv = yargs(process.argv.slice(2))
+    .choices('format', ['directives', 'header', 'json'])
+    .describe('policy', 'which CSP to use')
+    .choices('policy', ['starter', 'recommeded', 'custom'])
+    .default(DEFAULT).argv as Argv
+
+  let directives = {}
+  switch (argv.policy) {
+    case 'custom': {
+      directives = {
+        'base-uri': ['self'],
+
+        'connect-src': [
+          'self',
+          'cloudflareinsights.com',
+          'plausible.io',
+          'res.cloudinary.com'
+        ],
+
+        'default-src': ['none'],
+
+        'font-src': ['self'],
 
-    'connect-src': [
-      'self',
-      'cloudflareinsights.com',
-      'plausible.io',
-      'res.cloudinary.com'
-    ],
+        'frame-src': [
+          'https://www.youtube.com/embed/',
+          'https://www.youtube-nocookie.com/',
+          'https://player.vimeo.com/video/'
+        ],
 
-    'default-src': ['none'],
+        'img-src': [
+          'self',
+          'github.com',
+          'raw.githubusercontent.com',
+          'res.cloudinary.com'
+        ],
 
-    'font-src': ['self'],
+        // https://makandracards.com/makandra/503862-using-inline-event-handlers-with-a-strict-content-security-policy-csp
+        'script-src-attr': ['self', 'unsafe-hashes', 'sha256'],
 
-    'frame-src': [
-      'https://www.youtube.com/embed/',
-      'https://www.youtube-nocookie.com/',
-      'https://player.vimeo.com/video/'
-    ],
+        'script-src-elem': [
+          'self',
+          'https://plausible.io/js/plausible.js',
+          'https://static.cloudflareinsights.com/beacon.min.js',
+          'https://unpkg.com/htm/preact/standalone.module.js'
+        ],
 
-    'img-src': [
-      'self',
-      'github.com',
-      'raw.githubusercontent.com',
-      'res.cloudinary.com'
-    ],
+        // https://content-security-policy.com/examples/allow-inline-style/
+        'style-src-attr': ['self', 'unsafe-hashes', 'sha256'],
 
-    // https://makandracards.com/makandra/503862-using-inline-event-handlers-with-a-strict-content-security-policy-csp
-    'script-src-attr': ['self', 'unsafe-hashes', 'sha256'],
+        'style-src-elem': ['self', 'sha256'],
 
-    'script-src-elem': [
-      'self',
-      'https://plausible.io/js/plausible.js',
-      'https://static.cloudflareinsights.com/beacon.min.js',
-      'https://unpkg.com/htm/preact/standalone.module.js'
-    ],
+        'worker-src': ['self']
+      }
+      break
+    }
 
-    // https://content-security-policy.com/examples/allow-inline-style/
-    'style-src-attr': ['self', 'unsafe-hashes', 'sha256'],
+    case 'recommended': {
+      directives = recommended_policy
+      break
+    }
 
-    'style-src-elem': ['self', 'sha256'],
+    case 'starter': {
+      directives = starter_policy
+      break
+    }
 
-    'worker-src': ['self']
+    default: {
+      directives = recommended_policy
+    }
   }
 
   //   const patterns = ['assets/html-pages/**/*.html']
@@ -56,12 +101,32 @@ const main = async () => {
     path.join(monorepoRoot(), 'assets', 'html-pages', '**/*.html')
   ]
 
-  try {
-    const obj = await cspJSON({ directives, patterns })
-    console.log(`\nHere is the Content-Security-Policy\n`)
-    console.log(obj)
-  } catch (err: any) {
-    console.log(pe.render(err))
+  if (argv.format === 'json') {
+    try {
+      const obj = await cspJSON({ directives, patterns })
+      console.log(`\nHere is the Content-Security-Policy (JSON)\n`)
+      console.log(obj)
+    } catch (err: any) {
+      console.log(pe.render(err))
+    }
+  } else if (argv.format === 'directives') {
+    try {
+      const strings = await cspDirectives({ directives, patterns })
+      console.log(`\nHere is the Content-Security-Policy (directives)\n`)
+      console.log(strings)
+    } catch (err: any) {
+      console.log(pe.render(err))
+    }
+  } else if (argv.format === 'header') {
+    try {
+      const header = await cspHeader({ directives, patterns })
+      console.log(`\nHere is the Content-Security-Policy (header)\n`)
+      console.log(header)
+    } catch (err: any) {
+      console.log(pe.render(err))
+    }
+  } else {
+    throw new Error(`forma ${argv.format} not implemented`)
   }
 }
 

From 8e5abd5e0a1fa917e3b5212646629b1a808b8cca Mon Sep 17 00:00:00 2001
From: semantic-release-bot <semantic-release-bot@martynus.net>
Date: Tue, 4 Oct 2022 15:35:18 +0000
Subject: [PATCH 12/15] chore(content-security-policy): release
 v.1.0.0-canary.5 [skip ci]

## @jackdbd/content-security-policy [1.0.0-canary.5](https://github.com/jackdbd/calderone/compare/@jackdbd/content-security-policy@1.0.0-canary.4...@jackdbd/content-security-policy@1.0.0-canary.5) (2022-10-04)
---
 packages/content-security-policy/CHANGELOG.md | 2 ++
 packages/content-security-policy/package.json | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/packages/content-security-policy/CHANGELOG.md b/packages/content-security-policy/CHANGELOG.md
index d4049e62..63b8a6f4 100644
--- a/packages/content-security-policy/CHANGELOG.md
+++ b/packages/content-security-policy/CHANGELOG.md
@@ -1,5 +1,7 @@
 # CHANGELOG
 
+## @jackdbd/content-security-policy [1.0.0-canary.5](https://github.com/jackdbd/calderone/compare/@jackdbd/content-security-policy@1.0.0-canary.4...@jackdbd/content-security-policy@1.0.0-canary.5) (2022-10-04)
+
 ## @jackdbd/content-security-policy [1.0.0-canary.4](https://github.com/jackdbd/calderone/compare/@jackdbd/content-security-policy@1.0.0-canary.3...@jackdbd/content-security-policy@1.0.0-canary.4) (2022-09-28)
 
 
diff --git a/packages/content-security-policy/package.json b/packages/content-security-policy/package.json
index ed6d1228..0416d92f 100644
--- a/packages/content-security-policy/package.json
+++ b/packages/content-security-policy/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@jackdbd/content-security-policy",
-  "version": "1.0.0-canary.4",
+  "version": "1.0.0-canary.5",
   "description": "",
   "author": {
     "name": "Giacomo Debidda",

From f213ec9b7ad7e0f4ab6c5019e0fbff1ad8697ae0 Mon Sep 17 00:00:00 2001
From: Giacomo Debidda <giacomo@giacomodebidda.com>
Date: Tue, 4 Oct 2022 17:45:11 +0200
Subject: [PATCH 13/15] chore: update jsonSecret function

---
 scripts/utils.mjs | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/scripts/utils.mjs b/scripts/utils.mjs
index e7fac181..a00d826f 100644
--- a/scripts/utils.mjs
+++ b/scripts/utils.mjs
@@ -144,12 +144,18 @@ export const jsonSecret = (name, env = process.env) => {
   // https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V15.md#v8-86---35415
   const env_var_name = name.replaceAll('-', '_').toUpperCase()
 
+  console.log(
+    '🚀 === jsonSecret === name',
+    name,
+    'process.env.GITHUB_SHA',
+    process.env.GITHUB_SHA,
+    isOnGithub(env)
+  )
   let json
   if (isOnGithub(env)) {
     // we read a secret from GitHub and expose it as environment variable
     json = env[env_var_name]
-  }
-  if (isOnCloudBuild(env)) {
+  } else if (isOnCloudBuild(env)) {
     // we read a secret from Secret Manager and expose it as environment variable
     json = env[env_var_name]
   } else {

From 1c281a598b1aa0ca99c7125ac4f4a52061e76c3c Mon Sep 17 00:00:00 2001
From: Giacomo Debidda <giacomo@giacomodebidda.com>
Date: Tue, 4 Oct 2022 17:50:36 +0200
Subject: [PATCH 14/15] test(firestore-utils): increase Jest timeout

---
 .../firestore-utils/__tests__/delete.test.mjs | 48 +++++++++++--------
 1 file changed, 27 insertions(+), 21 deletions(-)

diff --git a/packages/firestore-utils/__tests__/delete.test.mjs b/packages/firestore-utils/__tests__/delete.test.mjs
index ebc95c48..c46d7fad 100644
--- a/packages/firestore-utils/__tests__/delete.test.mjs
+++ b/packages/firestore-utils/__tests__/delete.test.mjs
@@ -5,6 +5,8 @@ import {
 } from './firestore-client.mjs'
 import { bulkDelete, deleteAllDocsInCollection } from '../lib/delete.js'
 
+const TIMEOUT_MS = 10000
+
 describe('bulkDelete', () => {
   const firestore = firestoreUserClient()
 
@@ -12,27 +14,31 @@ describe('bulkDelete', () => {
     await firestore.terminate()
   })
 
-  it('deletes all documents in a collection when query is a Firestore collection reference', async () => {
-    const coll_ref = firestore.collection(FIRESTORE_TEST_COLLECTION)
-    const result_before = await bulkDelete({ query: coll_ref })
-    expect(result_before.doc_ids.deleted).toHaveLength(0)
-
-    await coll_ref.doc().create({ foo: 'bar', n: 1 })
-    await coll_ref.doc().create({ something: 'good', n: 2 })
-
-    const qs_after_insert = await firestore
-      .collection(FIRESTORE_TEST_COLLECTION)
-      .get()
-    expect(qs_after_insert.size).toBe(2)
-
-    const result_after = await bulkDelete({ query: coll_ref })
-    expect(result_after.doc_ids.deleted).toHaveLength(2)
-
-    const qs_after_delete = await firestore
-      .collection(FIRESTORE_TEST_COLLECTION)
-      .get()
-    expect(qs_after_delete.size).toBe(0)
-  })
+  it(
+    'deletes all documents in a collection when query is a Firestore collection reference',
+    async () => {
+      const coll_ref = firestore.collection(FIRESTORE_TEST_COLLECTION)
+      const result_before = await bulkDelete({ query: coll_ref })
+      expect(result_before.doc_ids.deleted).toHaveLength(0)
+
+      await coll_ref.doc().create({ foo: 'bar', n: 1 })
+      await coll_ref.doc().create({ something: 'good', n: 2 })
+
+      const qs_after_insert = await firestore
+        .collection(FIRESTORE_TEST_COLLECTION)
+        .get()
+      expect(qs_after_insert.size).toBe(2)
+
+      const result_after = await bulkDelete({ query: coll_ref })
+      expect(result_after.doc_ids.deleted).toHaveLength(2)
+
+      const qs_after_delete = await firestore
+        .collection(FIRESTORE_TEST_COLLECTION)
+        .get()
+      expect(qs_after_delete.size).toBe(0)
+    },
+    TIMEOUT_MS
+  )
 
   it('deletes only the documents that match the query', async () => {
     const coll_ref = firestore.collection(FIRESTORE_TEST_COLLECTION)

From 6a7902d81dade3501e8b055439bacba4ab9409e9 Mon Sep 17 00:00:00 2001
From: Giacomo Debidda <giacomo@giacomodebidda.com>
Date: Tue, 4 Oct 2022 17:56:17 +0200
Subject: [PATCH 15/15] chore: update jsonSecret function

---
 scripts/utils.mjs | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/scripts/utils.mjs b/scripts/utils.mjs
index a00d826f..7c60e782 100644
--- a/scripts/utils.mjs
+++ b/scripts/utils.mjs
@@ -144,13 +144,6 @@ export const jsonSecret = (name, env = process.env) => {
   // https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V15.md#v8-86---35415
   const env_var_name = name.replaceAll('-', '_').toUpperCase()
 
-  console.log(
-    '🚀 === jsonSecret === name',
-    name,
-    'process.env.GITHUB_SHA',
-    process.env.GITHUB_SHA,
-    isOnGithub(env)
-  )
   let json
   if (isOnGithub(env)) {
     // we read a secret from GitHub and expose it as environment variable