Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.
- By:
- Phil Grayson
- Users:
- 60,000
- Rating:
- 3.63 (94)
- Version:
- 4.0.0 Last updated: 2024-09-03
- Creation date:
- 2020-05-06
- Risk:
- Very low risk impact Moderate risk likelihood
- Permissions:
- storage
- activeTab
- browsingData
- declarativeNetRequest
- storage
- Size:
- 29.02KB
- Email:
- ph*****@philgrayson.com
- URLs:
- Privacy policy
- Full description:
- See detailed description
- Source:
- Chrome Web Store
- Updated:
- a day ago
Ranking
Other platforms
User reviews
Pros
- Works effectively for some users over many years without issues.
- Can enable functionality on specific websites that require CSP to be disabled, like Masmovil and GitHub translation scripts.
- Generally works well after page refresh or toggling the extension.
- Useful for avoiding CSP and some CORS errors.
- Simple and effective when it works, described as "working like a charm" by multiple users.
Cons
- Does not work consistently across all browsers or sites, especially reported issues in Chrome and Brave.
- Requires toggling on and off or refreshing the page multiple times to take effect, and does not remember its state.
- Does not fully disable CSP in all cases, some errors like "Refused to frame" still occur.
- Sometimes has no observable effect and does not actually change CSP headers as expected.
- Can cause Chromium to retain old CSP policies even after changes, resulting in persistent blocking errors.
Recent reviews
Doesn't work
by
Ty*****, 2025-05-04
работает но криво несколько раз нужно включить выключить
by
До*****, 2025-04-20
I've been using this one for probably 5 years for work and never had an issue.
by
Ry*****, 2024-11-21
Extension safety
Risk impact
Risk impact measures the level of extra permissions an extension has access to. A low risk
impact extension cannot do much harms, whereas a high risk impact extension can do a lot of
damage like stealing your password, bypassing your security settings, and accessing your
personal data. High risk impact extensions are not necessarily malicious. However, if they
do turn malicious, they can be very harmful.
Disable Content-Security-Policy does not require any sensitive permissions.
Risk impact analysis details
Risk likelihood
Risk likelihood measures the probability that a Chrome extension may turn malicious.
This is determined by the publisher and the Chrome extension reputation on
Chrome Web Store, the amount of time the Chrome extension has been
around, and other signals about the
Chrome extension. Our algorithms are not perfect, and are subject to change
as we discover new ways to detect malicious extensions. We recommend that you always
exercise caution when installing a Chrome extension.
Disable Content-Security-Policy is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this extension.
Risk likelihood analysis details
- High This extension has low user count. Unpopular extensions may not be stable or safe.
- Low **** ********* *** ******* **** **** * ****** **** ***** ******** *** **** ****** ** ** ****** *** *****
- Low **** ********* *** ***** **** **** * ****** **** ***** ********** *** **** ****** ** ** ****** *** *****
- Good **** ********* *** **** **** *******
Upgrade to see full risk analysis details
Compare extensions
- Compare Disable Content-Security-Policy vs Always Disable Content-Security-Policy
- Compare Disable Content-Security-Policy vs Content Security Policy Override
- Compare Disable Content-Security-Policy vs CORS Unblock
Similar extensions
Here are some Chrome extensions that are similar to Disable Content-Security-Policy:
Always Disable Content-Security-Policy
Unknown
Content Security Policy Override
https://rufflewind.com
CORS Unblock
balvin.perrie
Ignore X-Frame headers
Guillaume Ryder
Content Security Policy (CSP) Generator
https://csper.io/
Cross Domain - CORS
Mai Tan
Disable Content Security Policy
Mywait
Requestly: Supercharge your Development & QA
https://requestly.com
Resource Override
Kyle Paulsen
CSP Unblock
balvin.perrie
Allow CORS: Access-Control-Allow-Origin
Muyor
CSP Evaluator
ise-seam-core@google.com
Popular extensions / apps
Here are some popular extensions / apps that you might be interested in:
Ad Blocker: Stands AdBlocker
https://standsapp.org

Adblock Plus
Adblock Plus
Sider: Chat with all AI models (DeepSeek, Gemini, Claude, etc.)
https://sider.ai
Audible: Audio Entertainment
Audible, Inc.
vidIQ Vision for YouTube
http://vidiq.com/
Photoroom AI Photo Editor
Photoroom AI Photo Editor
DeepL: translate and write with AI
https://deepl.com
RoboForm Password Manager
https://www.roboform.com/
Pocket FM: Audio Series
Pocket FM Corp.
BB: Banco, Conta, Pix, Crédito
Banco do Brasil SA
ChatGPT Writer: Use AI on Any Site (GPT-4.1, Claude, Gemini, and More)
https://chatgptwriter.ai
Microsoft Teams
Microsoft Corporation