/**
 * Content Security Policy (CSP) manager for XSS protection
 */
/**
 * CSP directive types
 */
export type CspDirective = 'default-src' | 'script-src' | 'style-src' | 'img-src' | 'font-src' | 'connect-src' | 'media-src' | 'object-src' | 'frame-src' | 'child-src' | 'worker-src' | 'manifest-src' | 'base-uri' | 'form-action' | 'frame-ancestors' | 'plugin-types' | 'sandbox' | 'upgrade-insecure-requests' | 'block-all-mixed-content';
/**
 * CSP source values
 */
export type CspSource = "'self'" | "'unsafe-inline'" | "'unsafe-eval'" | "'strict-dynamic'" | "'none'" | string;
/**
 * CSP policy configuration
 */
export interface CspPolicy {
    [directive: string]: CspSource[];
}
/**
 * CSP manager options
 */
export interface CspManagerOptions {
    /**
     * Whether to report CSP violations
     * @default false
     */
    reportViolations?: boolean;
    /**
     * URL to send CSP violation reports to
     */
    reportUri?: string;
    /**
     * Whether to use CSP in report-only mode
     * @default false
     */
    reportOnly?: boolean;
}
/**
 * Content Security Policy manager for XSS protection
 */
export declare class CspManager {
    private policy;
    private options;
    private nonces;
    /**
     * Create a new CSP manager
     * @param policy Initial CSP policy
     * @param options CSP manager options
     */
    constructor(policy?: Partial<CspPolicy>, options?: CspManagerOptions);
    /**
     * Generate a cryptographically secure nonce for inline scripts/styles
     * @returns Base64 encoded nonce
     */
    generateNonce(): string;
    /**
     * Add a nonce to the script-src directive
     * @param nonce The nonce to add
     */
    addScriptNonce(nonce: string): void;
    /**
     * Add a nonce to the style-src directive
     * @param nonce The nonce to add
     */
    addStyleNonce(nonce: string): void;
    /**
     * Add a hash to a directive for inline content
     * @param directive The CSP directive
     * @param hash The SHA hash (e.g., 'sha256-abc123...')
     */
    addHash(directive: CspDirective, hash: string): void;
    /**
     * Add a source to a CSP directive
     * @param directive The CSP directive
     * @param source The source to add
     */
    addSourceToDirective(directive: CspDirective, source: CspSource): void;
    /**
     * Remove a source from a CSP directive
     * @param directive The CSP directive
     * @param source The source to remove
     */
    removeSourceFromDirective(directive: CspDirective, source: CspSource): void;
    /**
     * Generate the CSP header value
     * @returns CSP header value string
     */
    generateHeader(): string;
    /**
     * Get the appropriate CSP header name
     * @returns CSP header name
     */
    getHeaderName(): string;
    /**
     * Create a strict CSP policy for maximum security
     * @returns New CspManager with strict policy
     */
    static createStrict(): CspManager;
    /**
     * Create a development-friendly CSP policy
     * @returns New CspManager with development policy
     */
    static createDevelopment(): CspManager;
}
/**
 * Default CSP manager instance
 */
export declare const defaultCspManager: CspManager;
//# sourceMappingURL=csp-manager.d.ts.map