Mark van Seventer



Configuring Content Security Policy (CSP) in TanStack Start

The buzz around TanStack Start has really taken off since its recent RC release. I’ve been using it for a while (this very site runs on it!), and the latest version brings tons of improvements. One area that’s still a bit under-documented is how to configure a solid Content Security Policy (CSP) to mitigate security threats. The good news: with TanStack Start’s new middleware support, setting up CSP is now straightforward. In this post, I’ll walk through the approach I’ve been using.


Portrait photo

Mark van Seventer

Front-End Engineer. Self-proclaimed React & TypeScript specialist. Big on web standards and performance. Exploring AI and Vibe Coding my way to productivity.

View Projects