CSP Evaluator
「CSP Evaluator」的項目標誌圖片

CSP Evaluator

3.1(

25 個評分

)
擴充功能開發人員工具20,000 使用者
項目媒體「2」螢幕截圖
項目媒體「1」螢幕截圖
項目媒體「2」螢幕截圖
項目媒體「1」螢幕截圖
項目媒體「1」螢幕截圖
項目媒體「2」螢幕截圖

總覽

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

CSP Evaluator is a small tool that allows developers and security experts to check if a Content Security Policy (CSP) serves as a strong mitigation against cross-site scripting attacks. Reviewing CSP policies is usually a very manual process and most developers are not aware of CSP bypasses. CSP Evaluator checks are based on a large-scale empirical study and are aimed to help developers to harden their CSP. This tool is provided only for the convenience of developers and Google provides no guarantees or warranties for this tool.

3.1 分 (滿分 5 分)25 個評分

Google 不會驗證評論。 進一步瞭解結果與評論。

詳細資料

  • 版本
    0.2.1
  • 已更新
    2020年11月19日
  • 提供者
    Lukas Weichselbaum
  • 大小
    302KiB
  • 語言
    English
  • 開發人員
    電子郵件
    lweichselbaum@google.com
  • 非交易商
    這位開發人員並未表明自己是交易商。歐盟地區的消費者請注意,消費者權利不適用於你和這位開發人員之間簽訂的合約。

隱私權

開發者已表示這項商品不會蒐集或使用你的資料。

這位開發者就你的資料做出下列聲明:

  • 經核准的用途外,不會將你的資料販售給第三方
  • 不會基於與商品核心功能無關的目的,使用或轉移資料
  • 不會為了確認信用度或基於貸款目的,使用或轉移資料

支援

如有疑問或建議,請前往開發人員的支援網站

相關項目

OWASP Penetration Testing Kit

4.9(43)

OWASP Penetration Testing Kit

Disable Content-Security-Policy

3.6(82)

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Xdebug helper

4.4(431)

Easy debugging, profiling and tracing extension for Xdebug

Vulners Web Scanner

4.5(19)

Tiny vulnerability scanner based on vulners.com vulnerability database. Passively scan websites while you surf internet!

Content Security Policy Override

4.2(9)

Modify the Content Security Policy of web pages.

Content Security Policy (CSP) Generator

4.2(11)

Automatically generate content security policy headers online for any website.

axe DevTools - Web Accessibility Testing

4.0(106)

Accessibility Checker for Developers, Testers, and Designers in Chrome

CSP Tester

3.7(7)

This extension helps web masters to test web application behaviour with Content Security Policy version 2.0 implemented.

Always Disable Content-Security-Policy

3.7(15)

Always Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Web Vitals

4.1(40)

Measure metrics for a healthy site

Security-Header-Extension

4.8(5)

A Chrome Extension built to check the presence of embedded security headers.

Caspr: Enforcer

3.7(7)

Install CSP headers on arbitrary websites

OWASP Penetration Testing Kit

4.9(43)

OWASP Penetration Testing Kit

Disable Content-Security-Policy

3.6(82)

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Xdebug helper

4.4(431)

Easy debugging, profiling and tracing extension for Xdebug

Vulners Web Scanner

4.5(19)

Tiny vulnerability scanner based on vulners.com vulnerability database. Passively scan websites while you surf internet!

Content Security Policy Override

4.2(9)

Modify the Content Security Policy of web pages.

Content Security Policy (CSP) Generator

4.2(11)

Automatically generate content security policy headers online for any website.

axe DevTools - Web Accessibility Testing

4.0(106)

Accessibility Checker for Developers, Testers, and Designers in Chrome

CSP Tester

3.7(7)

This extension helps web masters to test web application behaviour with Content Security Policy version 2.0 implemented.

Google 應用程式