Install CSP headers on arbitrary websites
Casper Enforcer allows you to install and analyze Content-Security-Policy headers on any website. If you need a report-uri, checkout https://csper.io.
- (2020-03-24) Mr.康康: 很好的插件，可以帮助CSP的生产和调试，祝好开发者
- (2016-09-11) Shaun Mangelsdorf: Works well and easy to use 👍
- (2014-12-22) Neil Matatall: It's helped me set a baseline policy for multiple sites. Sup.
- (2020-05-08, v:0.7) Vlad Lasky: Add field frame-src
Hello, thank you for creating Caspr: Enforcer. I have found it very useful for creating and troubleshooting CSP. Can you please add 'frame-src' to the list of fields that can be individually specified. Thanks!
- (2020-02-10, v:0.7) martixy: Does not work on all sites - possibly service-worker related?
For example I tried using this on twitter, and it fails to modify the CSP.
- (2018-04-07, v:0.7) upgrade-insecure-requests
Why strip it?