Always Disable Content-Security-Policy

Always Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Always Disable Content-Security-Policy Chrome Extension

'Always Disable Content-Security-Policy' is a Chrome extension that disables the current page's Content Security Policy by default, allowing resources from third-party tags. It is primarily used for testing purposes. Users can re-enable CSP headers by clicking on the extension icon. Use it with caution as disabling CSP may increase risk of cross-site scripting.

Download

Extension stats

Users: 10,000+

Rating: 3.89

(18)

Version: 1.0.7 (Last updated: 2020-01-10)

Creation date: 2020-01-10

Risk impact: High risk impact

Risk likelihood:

Low risk likelihood

Manifest version: 2

Permissions:

webRequest
webRequestBlocking
browsingData
http://*/*
https://*/*

Size: 13.52K

Ranking

# 9,461 ▲ 52

Other rankings

#6755 in Developer Tools ▼ 17

#10 in policy keyword 14 ▲ 3

#17 in disable keyword 36 ▲ 2

#51 in security keyword 75 ▲ 3

#145 in header keyword 27 ▲ 1

Upgrade to see more rankings

Other platforms

Always on notification & music (v1.28)

3.36

(385) 51,540+

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

Analyze keywords

This is a fork of Phil Grayson's extension with the only difference being that this one disables the headers by default. Original: https://chrome.google.com/webstore/detail/disable-content-security/ieelmcmcagommplceebfedjlakkhpden Use at your own risk. Disables the current page's Content Security Policy. Useful when testing what resources a new third-party tag includes onto the page.

Click the extension icon to re-enable CSP headers. Click the extension icon again to disable CSP headers.

Use this only as a last resort. Disabling CSP means disabling features designed to protect you from cross-site scripting. Prefer to use report-uri which instructs the browser to send CSP violations to a URI. That allows you keep CSP enabled in your browser but still know what got blocked. https://report-uri.com is a free tool that gives you a web interface to inspect CSP violations on your site.

User reviews

These summaries are automatically generated weekly using AI based on recent user reviews. Chrome Web Store does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.

Pros

Works very well for many users
Easy to use and simple to operate
Effective for specific projects like Luigi and GitHub
User-friendly with a clear function

Cons

Does not always function as intended
Requires refreshing after toggling
Ineffective for some specific sites with strong CSP
Some users report it no longer works at all

Most mentioned

Works for some users and projects
Does not work consistently for all sites
Many users express frustration with the toggle function
Has been effective as the only working CSP plugin for some

User reviews

很不错，默认禁用 CSP，点击图标后可取消禁用。只对当前标签页生效✅

RJ Deng, 2024-11-14

Does exactly what it says it will do.

DJ Shastri, 2024-09-26

Very effective

hailong hu, 2024-07-30

View all user reviews

Extension safety

Risk impact

Always Disable Content-Security-Policy requires some sensitive permissions that could impact your browser and data security. Exercise caution before installing.