Disable Content-Security-Policy

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

The Disable Content-Security-Policy Chrome extension is a specialized tool designed for web developers and testers to disable the Content-Security-Policy (CSP) header on a per-tab basis. By clicking the extension icon, users can disable CSP headers to observe how third-party tags and resources behave when CSP protections are lifted. Clicking again re-enables CSP for the tab.

This extension should be used with caution and as a last resort since disabling CSP removes critical security features that prevent cross-site scripting attacks. For safer CSP monitoring, developers are encouraged to use report-uri services (such as https://report-uri.com) that collect CSP violation reports without disabling protection. This extension is ideal for thorough testing and debugging scenarios where understanding resource loading without CSP restrictions is necessary.

By:
Phil Grayson
Users:
60,000
Rating:
3.63
(94)
Version:
4.0.0 Last updated: 2024-09-03
Creation date:
2020-05-06
Risk:
Very low risk impact Moderate risk likelihood
Permissions:
  • storage
  • activeTab
  • browsingData
  • declarativeNetRequest
Size:
29.02KB
Email:
ph*****@philgrayson.com
URLs:
Privacy policy
Full description:
See detailed description
Source:
Chrome Web Store
Updated:
a day ago

Other platforms

Disable Content-Security-Policy (v3.0.0)
4,580 0.00 (0)

User reviews

User reviews for "Disable Content-Security-Policy" praise its effectiveness on certain sites and long-term reliable use by some, especially after refreshing or toggling. It helps bypass CSP and CORS errors enabling specific web functionalities. However, the extension is inconsistent across browsers like Chrome and Brave, often failing or requiring multiple toggles and refreshes. It sometimes fails to remove CSP headers fully, leading to persistent security errors. Overall, while valuable for some scenarios, its reliability and user experience can be frustrating due to inconsistent performance and lack of state retention.
Pros
  • Works effectively for some users over many years without issues.
  • Can enable functionality on specific websites that require CSP to be disabled, like Masmovil and GitHub translation scripts.
  • Generally works well after page refresh or toggling the extension.
  • Useful for avoiding CSP and some CORS errors.
  • Simple and effective when it works, described as "working like a charm" by multiple users.
Cons
  • Does not work consistently across all browsers or sites, especially reported issues in Chrome and Brave.
  • Requires toggling on and off or refreshing the page multiple times to take effect, and does not remember its state.
  • Does not fully disable CSP in all cases, some errors like "Refused to frame" still occur.
  • Sometimes has no observable effect and does not actually change CSP headers as expected.
  • Can cause Chromium to retain old CSP policies even after changes, resulting in persistent blocking errors.
Recent reviews
Doesn't work
by Ty*****, 2025-05-04

работает но криво несколько раз нужно включить выключить
by До*****, 2025-04-20

I've been using this one for probably 5 years for work and never had an issue.
by Ry*****, 2024-11-21
View all user reviews ›

Extension safety

Risk impact
Risk impact measures the level of extra permissions an extension has access to. A low risk impact extension cannot do much harms, whereas a high risk impact extension can do a lot of damage like stealing your password, bypassing your security settings, and accessing your personal data. High risk impact extensions are not necessarily malicious. However, if they do turn malicious, they can be very harmful.

Disable Content-Security-Policy does not require any sensitive permissions.

Risk impact analysis details
    Risk likelihood
    Risk likelihood measures the probability that a Chrome extension may turn malicious. This is determined by the publisher and the Chrome extension reputation on Chrome Web Store, the amount of time the Chrome extension has been around, and other signals about the Chrome extension. Our algorithms are not perfect, and are subject to change as we discover new ways to detect malicious extensions. We recommend that you always exercise caution when installing a Chrome extension.

    Disable Content-Security-Policy is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this extension.

    Risk likelihood analysis details
    • High This extension has low user count. Unpopular extensions may not be stable or safe.
    • Low **** ********* *** ******* **** **** * ****** **** ***** ******** *** **** ****** ** ** ****** *** *****
    • Low **** ********* *** ***** **** **** * ****** **** ***** ********** *** **** ****** ** ** ****** *** *****
    • Good **** ********* *** **** **** *******
    Upgrade to see full risk analysis details

    Compare extensions

    Similar extensions

    Here are some Chrome extensions that are similar to Disable Content-Security-Policy:

    Popular extensions / apps

    Here are some popular extensions / apps that you might be interested in: