#3.75 / 16 rate

Always Disable Content-Security-Policy

10,000 users

2020-01-10

Unknown

This extension is being deprecated because it doesn't follow Chrome extension best practices.

Extension Information

5 star

57%

4 star

3 star

13%

2 star

1 star

20%

Supported Languages

Permissions

Description

Always Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

This is a fork of Phil Grayson's extension with the only difference being that this one disables the headers by default. Original: https://chrome.google.com/webstore/detail/disable-content-security/ieelmcmcagommplceebfedjlakkhpden
Use at your own risk. Disables the current page's Content Security Policy. Useful when testing what resources a new third-party tag includes onto the page.

Click the extension icon to re-enable CSP headers. Click the extension icon again to disable CSP headers.

Use this only as a last resort. Disabling CSP means disabling features designed to protect you from cross-site scripting. Prefer to use report-uri which instructs the browser to send CSP violations to a URI. That allows you keep CSP enabled in your browser but still know what got blocked. https://report-uri.com is a free tool that gives you a web interface to inspect CSP violations on your site.

Reviews

hailong hu

Very effective

Jordan Embry

Only works when I disable then enable and refresh. Doesn't always disable when I want it to. Should be a easy fix. If there was a way to always enable then disable on every refresh it would work as intended.