Always Disable Content-Security-Policy

Always Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.
What is Always Disable Content-Security-Policy?
'Always Disable Content-Security-Policy' is a Chrome extension that disables the current page's Content Security Policy by default, allowing resources from third-party tags. It is primarily used for testing purposes. Users can re-enable CSP headers by clicking on the extension icon. Use it with caution as disabling CSP may increase risk of cross-site scripting.

Extension stats

Users: 10,000+
Rating: 3.82 (17)
Version: 1.0.7 (Last updated: 2020-01-10)
Creation date: 2020-01-10
Risk impact: High risk impact
Risk likelihood: Low risk likelihood
Manifest version: 2
Permissions:
  • webRequest
  • webRequestBlocking
  • browsingData
  • http://*/*
  • https://*/*
Size: 13.52K

Other platforms

Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.
Chrome-Stats extension

Extension summary

Analyze keywords

This is a fork of Phil Grayson's extension with the only difference being that this one disables the headers by default. Original: https://chrome.google.com/webstore/detail/disable-content-security/ieelmcmcagommplceebfedjlakkhpden Use at your own risk. Disables the current page's Content Security Policy. Useful when testing what resources a new third-party tag includes onto the page.

Click the extension icon to re-enable CSP headers. Click the extension icon again to disable CSP headers.

Use this only as a last resort. Disabling CSP means disabling features designed to protect you from cross-site scripting. Prefer to use report-uri which instructs the browser to send CSP violations to a URI. That allows you keep CSP enabled in your browser but still know what got blocked. https://report-uri.com is a free tool that gives you a web interface to inspect CSP violations on your site.

User reviews

These summaries are automatically generated weekly using AI based on recent user reviews. Chrome Web Store does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.
Pros
  • Effective in disabling Content-Security-Policy when it works
  • Works well with certain projects and platforms like Github and Luigi
  • Very simple and easy to use
Cons
  • Does not always function as intended; requires refreshing or manual enabling/disabling
  • Issues with specific sites, such as f95zone.to, where it fails to disable CSP
  • Some users report it no longer working or having no effect in disabling CSP
Most mentioned
  • Works great when functioning properly
  • Not always reliable or effective
  • Simple to use and set up
Recent reviews
Does exactly what it says it will do.
by DJ Shastri, 2024-09-26

Very effective
by hailong hu, 2024-07-30

Only works when I disable then enable and refresh. Doesn't always disable when I want it to. Should be a easy fix. If there was a way to always enable then disable on every refresh it would work as intended.
by Jordan Embry, 2024-03-05
View all user reviews

Extension safety

Risk impact

Always Disable Content-Security-Policy requires some sensitive permissions that could impact your browser and data security. Exercise caution before installing.

Risk likelihood

Always Disable Content-Security-Policy has earned a fairly good reputation and likely can be trusted.

Upgrade to see risk analysis details

Similar extensions

Here are some Chrome extensions that are similar to Always Disable Content-Security-Policy: