configuring-tauri-csp
Tauri Content Security Policy (CSP) Configuration
This skill covers Content Security Policy configuration for Tauri v2 desktop applications.
Why CSP Matters in Tauri
CSP is a security mechanism that mitigates common web vulnerabilities in Tauri applications:
- XSS Prevention: Restricts which scripts can execute, blocking injected malicious code
- Resource Control: Limits where the WebView can load assets from (scripts, styles, images, fonts)
- Trust Boundaries: Strengthens the isolation between frontend WebView and backend Rust code
- Attack Surface Reduction: Prevents unauthorized network connections and resource loading
Tauri operates on a trust boundary model where frontend code has limited access to system resources through a well-defined IPC layer. CSP adds an additional layer of protection within the frontend trust zone.
How Tauri Implements CSP
Tauri uses a two-part protection strategy:
More from dchuk/claude-code-tauri-skills
integrating-tauri-js-frontends
Guides Claude through configuring JavaScript frontend frameworks for Tauri v2 desktop applications, including Next.js, Nuxt, Qwik, SvelteKit, and Vite with proper SSG setup, tauri.conf.json settings, and framework-specific configurations.
206configuring-tauri-permissions
Guides the user through configuring Tauri permissions, including the security permission system, allow and deny lists, plugin permissions, permission identifiers, scopes, and capability integration.
166understanding-tauri-architecture
Teaches Claude about Tauri's core architecture, including the Rust backend, webview integration, Core-Shell design pattern, IPC mechanisms, and security model fundamentals.
152calling-rust-from-tauri-frontend
Guides the user through calling Rust backend functions from the Tauri frontend using the invoke function, defining commands with the #[tauri::command] attribute, passing arguments, returning values, handling errors, and implementing async IPC communication.
138integrating-tauri-rust-frontends
Guides the user through integrating Rust-based WASM frontend frameworks with Tauri v2, covering Leptos and Trunk setup, WASM compilation configuration, Cargo.toml dependencies, Trunk.toml bundler settings, and withGlobalTauri API access.
113setting-up-tauri-projects
Helps users create and initialize new Tauri v2 projects for building cross-platform desktop and mobile applications. Covers system prerequisites and setup requirements for macOS, Windows, and Linux. Guides through project creation using create-tauri-app or manual Tauri CLI initialization. Explains project directory structure and configuration files. Supports vanilla JavaScript, TypeScript, React, Vue, Svelte, Angular, SolidJS, and Rust-based frontends.
107