Disable Content-Security-Policy

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

What is Disable Content-Security-Policy?

'Disable Content-Security-Policy' is a Chrome Extension providing a tool for web application testing. When activated, it deactivates the Content-Security-Policy header in a selected tab, giving testers the ability to see what resources new third-party tags include on the page. Remember to utilize it cautiously; disabling the Content-Security-Policy can potentially expose you to cross-site scripting. A safer alternative is to use report-uri to record and inspect CSP violations.

Download

Stats

By: Phil Grayson

View on Chrome Web Store

Users: 60,000+

Rating: 3.65 (82)

Version: 3.0.0 (Last updated: 2020-05-06)

Creation date: 2020-05-06

Risk impact: Moderate risk impact

Risk likelihood: Low risk likelihood

Manifest version: 2

Permissions:

webRequest
webRequestBlocking
browsingData
activeTab

Size: 24.09K

URLs: Website

Stats date:

Chrome-Stats Rank

# 3580 ▼ 29

Other rankings

#5318 in Developer Tools ▼ 7

#5 in policy keyword 11 ▼ 3

#11 in disable keyword 33 ▼ 2

#19 in security keyword 86 ▲ 5

#88 in header keyword 45 ▼ 5

Upgrade to see more rankings

Other platforms

Not available on Firefox

Disable Content-Security-Policy (v3.0.0)

0.00 (0) 2,365+

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Summary

Analyze keywords

Use at your own risk. This disables the Content-Security-Policy header for a tab. Use this when testing what resources a new third-party tag includes onto the page.

Click the extension icon to disable Content-Security-Policy header for the tab. Click the extension icon again to re-enable Content-Security-Policy header.

Use this only as a last resort. Disabling Content-Security-Policy means disabling features designed to protect you from cross-site scripting. Prefer to use report-uri which instructs the browser to send CSP violations to a URI. That allows you keep Content-Security-Policy enabled in your browser but still know what got blocked. https://report-uri.com is a free tool that gives you a web interface to inspect CSP violations on your site.

User reviews

User reviews summary

These summaries are automatically generated weekly using AI based on recent user reviews. Chrome Web Store does not verify user reviews, so some user reviews may be inaccurate, spammy, or outdated.

Pros

Works well on some websites
Easy to use and toggle
Useful for running translation scripts on Github

Cons

Doesn't work on all websites
Doesn't remember its state and needs to be toggled frequently
Doesn't work on latest Chrome/Chromium versions

Most mentioned

Doesn't work
Works like a charm
Failed to eliminate CSP policy restriction

Recent reviews

It works

ethan, 2024-04-11

Working fine in April/2019. Had issues while logging into an account. It says I have to verify captcha, but didn't show me anything to click on, it was a blank field. So I jumped on google, found this extension, was little worried if it's scam and not doing what it's should do but wow! that's why I wrote this review. Super happy. I installed it, gave it a try. Had to click on its symbol in the plugin toolbar next to the url field. Refreshed the tap and there we go! Super happy, big thanks!

Max Plore, 2019-04-08

Did not find better way to bypass CSP set by HTML publisher in Jenkins.

Mark0 J, 2018-09-27

View all user reviews

Safety

Risk impact

Disable Content-Security-Policy may not be safe to use and it requires some risky permissions. Exercise caution when installing this extension. Review carefully before installing.