Compare Chrome extensions: Disable Content-Security-Policy vs Always Disable Content-Security-Policy
Stats | Disable Content-Security-Policy | Always Disable Content-Security-Policy |
---|---|---|
User count | 60,000+ | 10,000+ |
Average rating | 3.65 | 3.67 |
Rating count | 82 | 15 |
Last updated | 2020-05-06 | 2020-01-10 |
Size | 24.09K | 13.52K |
Version | 3.0.0 | 1.0.7 |
Short description | |
---|---|
Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled. | Always Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled. |
Full summary | |
Use at your own risk. This disables the Content-Security-Policy header for a tab. Use this when testing what resources a new third-party tag includes onto the page. Click the extension icon to disable Content-Security-Policy header for the tab. Click the extension icon again to re-enable Content-Security-Policy header. Use this only as a last resort. Disabling Content-Security-Policy means disabling features designed to protect you from cross-site scripting. Prefer to use report-uri which instructs the browser to send CSP violations to a URI. That allows you keep Content-Security-Policy enabled in your browser but still know what got blocked. https://report-uri.com is a free tool that gives you a web interface to inspect CSP violations on your site. |
This is a fork of Phil Grayson's extension with the only difference being that this one disables the headers by default. Original: https://chrome.google.com/webstore/detail/disable-content-security/ieelmcmcagommplceebfedjlakkhpden Use at your own risk. Disables the current page's Content Security Policy. Useful when testing what resources a new third-party tag includes onto the page. Click the extension icon to re-enable CSP headers. Click the extension icon again to disable CSP headers. Use this only as a last resort. Disabling CSP means disabling features designed to protect you from cross-site scripting. Prefer to use report-uri which instructs the browser to send CSP violations to a URI. That allows you keep CSP enabled in your browser but still know what got blocked. https://report-uri.com is a free tool that gives you a web interface to inspect CSP violations on your site. |