Always Disable Content-Security-Policy
15 ratings
)
Overview
Always Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.
This is a fork of Phil Grayson's extension with the only difference being that this one disables the headers by default. Original: https://chrome.google.com/webstore/detail/disable-content-security/ieelmcmcagommplceebfedjlakkhpden Use at your own risk. Disables the current page's Content Security Policy. Useful when testing what resources a new third-party tag includes onto the page. Click the extension icon to re-enable CSP headers. Click the extension icon again to disable CSP headers. Use this only as a last resort. Disabling CSP means disabling features designed to protect you from cross-site scripting. Prefer to use report-uri which instructs the browser to send CSP violations to a URI. That allows you keep CSP enabled in your browser but still know what got blocked. https://report-uri.com is a free tool that gives you a web interface to inspect CSP violations on your site.
3.7 out of 515 ratings
Google doesn't verify reviews. Learn more about results and reviews.
Jordan EmbryMar 5, 2024
Only works when I disable then enable and refresh. Doesn't always disable when I want it to. Should be a easy fix. If there was a way to always enable then disable on every refresh it would work as intended.
V CizekAug 10, 2023
This one works for me, even for using with Luigi project, which loads pages in iframes. Love this extension! Thank you.
Nikolay LanetsAug 2, 2023
Works. Thanks!
Details
- Version1.0.7
- UpdatedJanuary 10, 2020
- Size13.2KiB
- Languages2 languages
- Non-traderThis developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.