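/**
 * CSP Handler
 *
 * P1 - Content Security Policy management
 *
 * Supports:
 * - CSP header parsing and validation
 * - CSP directive analysis
 * - CSP violation detection
 * - CSP report-only mode
 * - CSP nonce and hash validation
 *
 * NOTE(review): this declaration file was recovered from an extraction that
 * stripped every `<...>` type-argument list (e.g. `Map;`, `Promise;`,
 * `Promise>;`). Type arguments marked "reconstructed" below were inferred
 * from the surrounding declarations and doc comments; the ones left as
 * `unknown` could not be recovered and must be confirmed against the
 * implementation before relying on them.
 *
 * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
 */

/**
 * One parsed CSP directive (a `name value value ...` entry of the policy).
 *
 * The boolean flags summarise the source list so callers can spot the
 * weakening keywords without re-scanning `values`.
 */
export interface CSPDirective {
  /** Directive name (e.g., 'script-src', 'img-src') */
  name: string;
  /** Directive values (sources), in the order they appear in the header */
  values: string[];
  /** Whether 'unsafe-inline' is allowed (permits inline scripts/styles; weakens the directive) */
  allowsUnsafeInline: boolean;
  /** Whether 'unsafe-eval' is allowed (permits eval-like string execution; weakens the directive) */
  allowsUnsafeEval: boolean;
  /** Whether 'self' is in sources */
  allowsSelf: boolean;
  /** Whether '*' is in sources (wildcard; effectively disables origin restriction for this directive) */
  allowsWildcard: boolean;
  /** Nonce value if present (the value inside a 'nonce-...' source) */
  nonce?: string;
  /** Hash values if present (e.g. 'sha256-...' sources) */
  hashes: string[];
}

/**
 * A parsed Content-Security-Policy (or Content-Security-Policy-Report-Only)
 * header.
 *
 * NOTE(review): the name `CPSPolicy` looks like a transposition of
 * `CSPPolicy`; it is kept unchanged because it is part of the exported API.
 * `CSPPolicy` is provided below as an alias.
 */
export interface CPSPolicy {
  /** Full CSP header value, as received */
  raw: string;
  /**
   * Parsed directives keyed by directive name.
   * reconstructed: `Map<string, CSPDirective>` (inferred from `getDirective(name)`).
   */
  directives: Map<string, CSPDirective>;
  /** Whether the policy came from the report-only header (violations are reported, not enforced) */
  reportOnly: boolean;
  /** Report-to endpoint (the `report-to` directive) */
  reportEndpoint?: string;
  /** Report URI endpoint (the `report-uri` directive; deprecated in CSP Level 3 but still widely honoured) */
  reportUri?: string;
}

/** Alias for {@link CPSPolicy} under the conventional spelling. */
export type CSPPolicy = CPSPolicy;

/**
 * Outcome of {@link CSPHandler.validateCSP}.
 */
export interface CSPValidationResult {
  /** CSP policy is present */
  hasCSP: boolean;
  /** Policy object (absent when `hasCSP` is false) */
  policy?: CPSPolicy;
  /** Security score (0-100) */
  securityScore: number;
  /** Security issues found */
  issues: string[];
  /** Warnings (not critical but suboptimal) */
  warnings: string[];
  /** Recommendations */
  recommendations: string[];
}

/**
 * A single CSP violation captured by {@link CSPHandler.setupViolationMonitoring}.
 * Field names mirror the browser's SecurityPolicyViolationEvent where available.
 */
export interface CSPViolation {
  /** Violated directive */
  directive: string;
  /** Blocked resource */
  blockedURI?: string;
  /** Original policy */
  policy?: string;
  /** Source of violation */
  sourceFile?: string;
  /** Line number */
  lineNumber?: number;
  /** Column number */
  columnNumber?: number;
  /** Violation timestamp */
  timestamp: number;
}

/**
 * CSP Handler class
 *
 * Wraps a browser page handle and exposes CSP inspection helpers for it.
 */
export declare class CSPHandler {
  /** Page handle the handler operates on; its concrete type is not declared in this file. */
  private page;
  /** Violations collected so far (see `getViolations` / `clearViolations`). */
  private violations;
  /**
   * @param page - Browser page object from the automation library in use.
   *   The concrete page type is not declared in this file; TODO confirm and narrow.
   */
  // eslint-disable-next-line @typescript-eslint/no-explicit-any -- page type belongs to the automation library and is not declared here
  constructor(page: any);
  /**
   * Get CSP header from response
   * reconstructed: `Promise<string | null>` — TODO confirm whether absence is `null` or `undefined`.
   */
  getCSPHeader(): Promise<string | null>;
  /**
   * Parse CSP header value
   * @param cspValue - Raw header value
   * @param reportOnly - Whether the value came from the report-only header
   */
  parseCSP(cspValue: string, reportOnly?: boolean): CPSPolicy;
  /**
   * Get CSP policy from page
   * reconstructed: `Promise<CPSPolicy | null>` — TODO confirm the no-policy value.
   */
  getCSPPolicy(): Promise<CPSPolicy | null>;
  /**
   * Validate CSP policy
   * reconstructed: `Promise<CSPValidationResult>` (inferred from the result type declared above).
   */
  validateCSP(): Promise<CSPValidationResult>;
  /**
   * Get directive by name
   * reconstructed: `Promise<CSPDirective | undefined>` (Map lookup semantics) — TODO confirm.
   */
  getDirective(directiveName: string): Promise<CSPDirective | undefined>;
  /**
   * Check if a resource would be allowed by CSP
   * reconstructed: `Promise<boolean>` — TODO confirm.
   */
  checkResourceAllowed(resourceType: string, url: string): Promise<boolean>;
  /**
   * Setup CSP violation monitoring
   * reconstructed: `Promise<void>` — TODO confirm.
   */
  setupViolationMonitoring(): Promise<void>;
  /**
   * Get collected violations
   */
  getViolations(): CSPViolation[];
  /**
   * Clear violations
   */
  clearViolations(): void;
  /**
   * Generate a nonce value for inline scripts
   *
   * NOTE(review): a nonce only protects if it is unpredictable and fresh per
   * response; the implementation should draw it from a cryptographic random
   * source — TODO confirm.
   */
  generateNonce(): string;
  /**
   * Inject nonce into inline scripts
   * unrecovered: the original type argument was a nested generic
   * (`Promise<X<...>>`) lost in extraction — TODO confirm against the implementation.
   */
  injectNonces(): Promise<unknown>;
  /**
   * Get all CSP-related meta tags
   * unrecovered: the original type argument was a nested generic
   * (`Promise<X<...>>`) lost in extraction — TODO confirm against the implementation.
   */
  getMetaTags(): Promise<unknown>;
  /**
   * Check for common CSP bypass patterns
   * unrecovered: original type argument lost in extraction — TODO confirm against the implementation.
   */
  checkBypassPatterns(): Promise<unknown>;
  /**
   * Compare two CSP policies
   * @returns Directive names grouped by how `policy1` relates to `policy2`:
   *   `stricter`/`looser` where both define the directive, and `onlyIn1`/`onlyIn2`
   *   where only one side does.
   */
  comparePolicies(policy1: CPSPolicy, policy2: CPSPolicy): {
    stricter: string[];
    looser: string[];
    onlyIn1: string[];
    onlyIn2: string[];
  };
}

/**
 * Factory function to create CSP Handler
 * @param page - Browser page object (see {@link CSPHandler} constructor).
 */
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- page type belongs to the automation library and is not declared here
export declare function createCSPHandler(page: any): CSPHandler;

export default CSPHandler;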