CSP Evaluator
CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.
CSP Evaluator: XSS Attack Mitigation Tool
The 'CSP Evaluator' is a Chrome extension tailored for developers and security experts to evaluate if a Content Security Policy (CSP) serves as a robust protection against cross-site scripting (XSS) attacks. It automates the review process of CSP policies, spreading awareness about CSP bypasses, and encourages developers to strengthen their CSP.
Extension stats
Manifest V3
Permissions:
- storage
- webRequest
Host permissions:
- <all_urls>
Size: 304.13K
Email: lw*****@google.com
Full description: See detailed description
Ranking
Other platforms
Not available on Android
Not available on Firefox
Not available on Edge
User reviews
These summaries are automatically generated weekly using AI based on recent user reviews.
Chrome Web Store does not verify user reviews, so some user reviews may be inaccurate,
spammy, or outdated. Pros
- Works fine after reinstalling for some users
- Helpful in troubleshooting CSP configurations
- Compatible with Edge browser
Cons
- Frequently stops working or crashes
- Does not detect meta CSPs or any CSPs on webpages
- Causes duplicate requests in the browser
Most mentioned
- Extension stops working or crashes
- Does not detect meta CSP
- No CSP detected on any webpage
User reviews
It works just fine.
by 
Goktug Erol, 2025-01-23
Goktug Erol, 2025-01-23extension stopped working :(
by 
Evan Tirta, 2024-11-14
Evan Tirta, 2024-11-14This extension stopped working for me in the past couple months in the Brave browser. I recently disabled, removed, and reinstalled and it's working again. For those who are having trouble with it working, give the reinstall a try.
by 
Kirk Solar, 2024-11-04
Kirk Solar, 2024-11-04Extension safety
Risk impact
CSP Evaluator requires some sensitive permissions that could impact your browser and data security. Exercise caution before installing.
Risk impact analysis details
- Critical Grants access to browser tabs, which can be used to track user browsing habits and history, presenting a privacy concern.
- Critical ****** ****** ** *** ********* ****** * *********** ******** **** ** ** *** ******* *** ****** **** **** *** ******* *****
- High ******* ******* **** *** ****** ***** *** ***** ** ******* **** ********* ********* ** * *********** *****
- Low ******* ****** ** *** ********* ********
Risk likelihood
We don't have sufficient data to confidently determine the risk likelihood of CSP Evaluator. Use it at your own risk.
Risk likelihood analysis details
- High This extension has low user count. Unpopular extensions may not be stable or safe.
- Low **** ********* *** ******* **** **** * ****** **** ***** ******** *** **** ****** ** ** ****** *** *****
- Low **** ********* *** ***** **** **** * ****** **** ***** ********** *** **** ****** ** ** ****** *** *****
- Good **** ********* *** **** **** *******
Upgrade to see full risk analysis details
Similar extensions
Here are some Chrome extensions that are similar to CSP Evaluator:
https://rufflewind.com
2K 4.22 
(9)
(9) 
https://csper.io
20K 4.36 (14)
(14) 
https://www.deque.com
300K 3.97 (115)
(115) 
oxdef
1,000 3.71 (7)
(7) 
Unknown
10K 3.89 (18)
(18) 
ACNS_cybersecurity_interns
3K 4.86 (7)
(7) 
c0nrad
660 3.71 (7)
(7) 
https://requestly.com
200K 4.32 (1,230)
(1,230) 
https://pentestkit.co.uk
20K 4.81 (43)
(43) 
Phil Grayson
60K 3.65 (92)
(92) 
Wrep
200K 4.37 (430)
(430) 
https://sublimetrix.com
100K 4.78 (32)
(32)