Disable Content-Security-Policy

Name: Disable Content-Security-Policy
Rating: 3.627659574468085 (94 reviews)
Author: Phil Grayson

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Download

Install Compare

The Disable Content-Security-Policy Chrome extension is a specialized tool designed for web developers and testers to disable the Content-Security-Policy (CSP) header on a per-tab basis. By clicking the extension icon, users can disable CSP headers to observe how third-party tags and resources behave when CSP protections are lifted. Clicking again re-enables CSP for the tab.

This extension should be used with caution and as a last resort since disabling CSP removes critical security features that prevent cross-site scripting attacks. For safer CSP monitoring, developers are encouraged to use report-uri services (such as https://report-uri.com) that collect CSP violation reports without disabling protection. This extension is ideal for thorough testing and debugging scenarios where understanding resource loading without CSP restrictions is necessary.

Extension Developer Tools Privacy & Security Productivity

By:

Users:

Rating:

Version:

4.0.0 Last updated: 2024-09-03

Creation date:

2020-05-06

Risk:

Permissions:

storage
activeTab
browsingData
declarativeNetRequest

Size:

29.02KB

Email:

ph*****@philgrayson.com

URLs:

Full description:

Source:

Chrome Web Store

Updated:

a day ago

Ranking

# 3,137 ▲ 68

Other rankings

#6931 in Developer Tools ▼ 21

#2 in disable keyword 32

#2 in policy keyword 18

#9 in security keyword 67 ▼ 1

#70 in secure keyword 49 ▲ 1

Upgrade to see more rankings

Other platforms

Disable Content-Security-Policy (v3.0.0)

4,580 0.00

(0)

User reviews

User reviews for "Disable Content-Security-Policy" praise its effectiveness on certain sites and long-term reliable use by some, especially after refreshing or toggling. It helps bypass CSP and CORS errors enabling specific web functionalities. However, the extension is inconsistent across browsers like Chrome and Brave, often failing or requiring multiple toggles and refreshes. It sometimes fails to remove CSP headers fully, leading to persistent security errors. Overall, while valuable for some scenarios, its reliability and user experience can be frustrating due to inconsistent performance and lack of state retention.

Pros

Works effectively for some users over many years without issues.
Can enable functionality on specific websites that require CSP to be disabled, like Masmovil and GitHub translation scripts.
Generally works well after page refresh or toggling the extension.
Useful for avoiding CSP and some CORS errors.
Simple and effective when it works, described as "working like a charm" by multiple users.

Cons

Does not work consistently across all browsers or sites, especially reported issues in Chrome and Brave.
Requires toggling on and off or refreshing the page multiple times to take effect, and does not remember its state.
Does not fully disable CSP in all cases, some errors like "Refused to frame" still occur.
Sometimes has no observable effect and does not actually change CSP headers as expected.
Can cause Chromium to retain old CSP policies even after changes, resulting in persistent blocking errors.

Recent reviews

Doesn't work

Ty*****, 2025-05-04

работает но криво несколько раз нужно включить выключить

До*****, 2025-04-20

I've been using this one for probably 5 years for work and never had an issue.

Ry*****, 2024-11-21

View all user reviews ›

Extension safety

Risk impact

Risk impact measures the level of extra permissions an extension has access to. A low risk impact extension cannot do much harms, whereas a high risk impact extension can do a lot of damage like stealing your password, bypassing your security settings, and accessing your personal data. High risk impact extensions are not necessarily malicious. However, if they do turn malicious, they can be very harmful.

Disable Content-Security-Policy does not require any sensitive permissions.

Risk impact analysis details

Risk likelihood

Risk likelihood measures the probability that a Chrome extension may turn malicious. This is determined by the publisher and the Chrome extension reputation on Chrome Web Store, the amount of time the Chrome extension has been around, and other signals about the Chrome extension. Our algorithms are not perfect, and are subject to change as we discover new ways to detect malicious extensions. We recommend that you always exercise caution when installing a Chrome extension.

Disable Content-Security-Policy is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this extension.

Risk likelihood analysis details

High This extension has low user count. Unpopular extensions may not be stable or safe.
Low **** ********* *** ******* **** **** * ****** **** ***** ******** *** **** ****** ** ** ****** *** *****
Low **** ********* *** ***** **** **** * ****** **** ***** ********** *** **** ****** ** ** ****** *** *****
Good **** ********* *** **** **** *******

Upgrade to see full risk analysis details

Instantly check and monitor your browser extensions' risks and permissions with Extension Guard.