syncfusion-aspnetcore-security
Content Security Policy (CSP) — Syncfusion ASP.NET Core (Security)
Use this skill for high-level, Syncfusion-specific CSP guidance and references. Detailed code snippets and implementation examples live in the concern's references files.
When to Use
- Implementing CSP headers for Syncfusion EJ2 controls
- Running in strict CSP mode where inline scripts/styles are restricted
- Adding nonces to inline scripts/styles for Syncfusion initialization
- Allowlisting CDN resources or external fonts required by Syncfusion themes
Quick Checklist
- Generate a cryptographically secure nonce per request
- Add the nonce to the CSP header and to all Syncfusion script/style tags
- Allow required CDN origins and font providers in CSP directives
- Avoid
unsafe-inline/unsafe-evalunless absolutely necessary - Verify behavior in browser DevTools and address CSP violations
Generic Guidelines (Summary)
- Generate nonces early in the pipeline and store them in
HttpContextfor views - Use minimal, explicit CSP directives (prefer
'self', explicit hostnames, and'nonce-<value>') - Prefer data binding over inline templates to avoid
unsafe-evalrequirements - Document your CSP policy and the reasons for any relaxations
References
- Main implementation and examples: references/csp-guide.md
More from syncfusion/aspnetcore-ui-components-skills
syncfusion-aspnetcore-charts
Implements Syncfusion ASP.NET Core Chart (SfChart) for data visualization. Use this when building charts, visualizing time-series or categorical data, or creating dashboards. Covers series configuration (line, bar, pie), axes, tooltips, legends, and customization for ASP.NET Core applications.
11syncfusion-aspnetcore-textbox
Complete guide to implementing the Syncfusion TextBox component in ASP.NET Core applications with tag helpers, validation, floating labels, and adornments for building accessible input forms.
11syncfusion-aspnetcore-list-box
Implement and configure Syncfusion ASP.NET Core ListBox component with selection controls. Use this when building selection interfaces with single/multiple modes, data binding, or advanced features. Covers ListBox implementation, selection state management, appearance customization, and user interaction handling.
10syncfusion-aspnetcore-common
**CONFIGURATION GUIDE** — Assist with Syncfusion ASP.NET Core EJ2 components setup, localization, and version compatibility. Use when: installing Syncfusion packages, configuring globalization/localization, selecting compatible versions.
10syncfusion-aspnetcore-rich-text-editor
Implements the Syncfusion ASP.NET Core Rich Text Editor (ejs-richtexteditor tag helper) supporting HTML (WYSIWYG) and Markdown editing modes. Set editorMode='Markdown' for Markdown; default is HTML. Use this skill for toolbar configuration, image upload, table editing, inline or iframe mode, AI assistant integration, mentions, and form validation with rich text in ASP.NET Core projects.
10syncfusion-aspnetcore-theme
**THEMING & APPEARANCE GUIDE** — Assist with Syncfusion ASP.NET Core EJ2 component theming, customization, size modes, and dynamic theme switching. Use when: applying themes (Bootstrap, Material, Tailwind, Fluent, etc.), customizing theme variables, implementing theme switchers, enabling touch mode, or customizing icons and appearance.
10