CSP Unblock
Item media 1 screenshot

Overview

No more Content-Security-Policy limitations. This extension removes all CSP-related headers during website testing.

This extension removes the following CSP-related response headers to remove limitations caused by CSP. 1. "content-security-policy" header 2. "content-security-policy-report-only" header 3. "x-webkit-csp" header 4. "x-content-security-policy" header Use Cases: 1. This extension can temporarily remove the limitations of CSP so that the developer can test inline and remote scripts. Also, you can load different cross-origin resources without any limitation. 2. Allow a website to load a remote worker script 3. Allow a website to play remote media Notes: 1. Disable the extension when you are browsing the internet. By removing CSP, the website's protection reduces significantly which might harm you. 2. The extension removes specified CSP-related headers from the top-frame and all sub-frame elements Definitions: "content-security-policy" header: The HTTP Content-Security-Policy response header allows website administrators to control resources the user agent is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross-site scripting attacks (Cross-site_scripting). "content-security-policy-report-only" header: The HTTP Content-Security-Policy-Report-Only response header allows web developers to experiment with policies by monitoring (but not enforcing) their effects. These violation reports consist of JSON documents sent via an HTTP POST request to the specified URI.

5 out of 51 rating

Google doesn't verify reviews. Learn more about results and reviews.

Details

  • Version
    0.1.1
  • Updated
    May 23, 2022
  • Offered by
    balvin.perrie
  • Size
    114KiB
  • Languages
    English
  • Developer
    Email
    balvin.perrie@gmail.com
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Support

For help with questions, suggestions, or problems, visit the developer's support site

Related

Content Security Policy Override

4.2(9)

Modify the Content Security Policy of web pages.

Allow CORS: Access-Control-Allow-Origin

3.4(267)

Easily add (Access-Control-Allow-Origin: *) rule to the response header.

Disable Content-Security-Policy

3.6(82)

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

CORS Unblock

4.2(150)

No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled

Allow CSP: Content-Security-Policy

5.0(1)

Easily remove CSP (Content-Security-Policy) rules from the response header.

Content Security Policy (CSP) Generator

4.2(11)

Automatically generate content security policy headers online for any website.

Always Disable Content-Security-Policy

3.7(15)

Always Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Disable Content Security Policy

4.2(5)

A extension that set csp value empty

Cross Domain - CORS

4.0(64)

Cross Domain will help you to deal with cross domain - CORS problem. This is tool helpful when face with cross domain issue.

CSP Evaluator

3.1(25)

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

Policy Control

4.3(3)

Gain complete control over all content settings (cookie, images, javascript, etc.).

Allow X-Frame-Options

5.0(3)

Easily remove X-Frame-Options from the response header.

Content Security Policy Override

4.2(9)

Modify the Content Security Policy of web pages.

Allow CORS: Access-Control-Allow-Origin

3.4(267)

Easily add (Access-Control-Allow-Origin: *) rule to the response header.

Disable Content-Security-Policy

3.6(82)

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

CORS Unblock

4.2(150)

No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled

Allow CSP: Content-Security-Policy

5.0(1)

Easily remove CSP (Content-Security-Policy) rules from the response header.

Content Security Policy (CSP) Generator

4.2(11)

Automatically generate content security policy headers online for any website.

Always Disable Content-Security-Policy

3.7(15)

Always Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Disable Content Security Policy

4.2(5)

A extension that set csp value empty

Google apps