CSP Evaluator: XSS Attack Mitigation Tool
Extension stats
Ranking
Other platforms
Extension summary
CSP Evaluator is a small tool that allows developers and security experts to check if a Content Security Policy (CSP) serves as a strong mitigation against cross-site scripting attacks. Reviewing CSP policies is usually a very manual process and most developers are not aware of CSP bypasses. CSP Evaluator checks are based on a large-scale empirical study and are aimed to help developers to harden their CSP. This tool is provided only for the convenience of developers and Google provides no guarantees or warranties for this tool.
User reviews
- Saved users time in setting up CSP correctly
- Works in various browsers, including Edge
- Frequently stops working or crashes, especially in Chrome and Brave
- Does not detect meta CSPs, which is a significant limitation
- Issues with detecting CSP on any webpage
- Stopped working or crashes
- Does not detect meta CSP
- No CSP detected on any webpage
User reviews
Extension safety
Risk impact
CSP Evaluator requires some sensitive permissions that could impact your browser and data security. Exercise caution before installing.
Risk likelihood
CSP Evaluator is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this extension.
Similar extensions
Here are some Chrome extensions that are similar to CSP Evaluator: