Merlin
CSP Scanner: Test, Analyze & Evaluate CSP

CSP Scanner: Test, Analyze & Evaluate CSP

Best Content-Security-Policy tool to validate and check XSS, Clickjacking & Formjacking protection grade and to detect CSP bypasses.

Merlin
Upgrade to view and diff full source code
Additional files are visible only to premium users

manifest.json

{
  "update_url": "https://clients2.google.com/service/update2/crx",
  "manifest_version": 2,
  "name": "CSP Scanner: Test, Analyze & Evaluate CSP",
  "version": "1.1.7",
  "description": "Best Content-Security-Policy tool to validate and check XSS, Clickjacking & Formjacking protection grade and to detect CSP bypasses.",
  "short_name": "CSP Scanner",
  "minimum_chrome_version": "10.0",
  "permissions": [
    "webRequest",
    "tabs",
    "http://*/*",
    "https://*/*"
  ],
  "background": {
    "scripts": [
      "assets/background-1e1a2bd5.js"
    ],
    "persistent": true
  },
  "browser_action": {
    "default_icon": "assets/icons/inactive.png",
    "default_popup": "popup/popup.html"
  },
  "content_security_policy": "default-src 'self'; img-src * data:; script-src 'self' 'unsafe-eval' https://www.google-analytics.com/analytics.js; connect-src *;",
  "icons": {
    "16": "assets/icons/16.png",
    "48": "assets/icons/48.png",
    "128": "assets/icons/128.png"
  }
}