Always Disable Content-Security-Policy

CRX ID

ffelghdomoehpceihalcnbmnodohkibj

Status

No Privacy Policy
Live on Store

Description from extension meta

Always Disable Content-Security-Policy for web application testing. When the icon is coloured, CSP headers are disabled.

Image from store

Description from store

This is a fork of Phil Grayson's extension with the only difference being that this one disables the headers by default. Original: https://chrome.google.com/webstore/detail/disable-content-security/ieelmcmcagommplceebfedjlakkhpden
Use at your own risk. Disables the current page's Content Security Policy. Useful when testing what resources a new third-party tag includes onto the page.

Click the extension icon to re-enable CSP headers. Click the extension icon again to disable CSP headers.

Use this only as a last resort. Disabling CSP means disabling features designed to protect you from cross-site scripting. Prefer to use report-uri which instructs the browser to send CSP violations to a URI. That allows you keep CSP enabled in your browser but still know what got blocked. https://report-uri.com is a free tool that gives you a web interface to inspect CSP violations on your site.

Latest reviews

hailong hu 2024-07-30: Very effective
Jordan Embry 2024-03-05: Only works when I disable then enable and refresh. Doesn't always disable when I want it to. Should be a easy fix. If there was a way to always enable then disable on every refresh it would work as intended.
V Cizek 2023-08-10: This one works for me, even for using with Luigi project, which loads pages in iframes. Love this extension! Thank you.
V Cizek 2023-08-10: This one works for me, even for using with Luigi project, which loads pages in iframes. Love this extension! Thank you.
Nikolay Lanets 2023-08-02: Works. Thanks!
Nikolay Lanets 2023-08-02: Works. Thanks!
Matt Keperling 2022-12-08: It no longer works.
Matt Keperling 2022-12-08: It no longer works.
PossessWithin 2022-09-24: Excellent, thank you very much!
PossessWithin 2022-09-24: Excellent, thank you very much!
Karmylr 2022-02-17: not always disable
Karmylr 2022-02-17: not always disable
Jon Anders Sylvarnes 2022-02-16: Does not work
Jon Anders Sylvarnes 2022-02-16: Does not work
Vladislav Osaulenko 2021-04-13: It doesn't work for <meta content="...">
Vladislav Osaulenko 2021-04-13: It doesn't work for <meta content="...">
Ron Moses 2021-04-13: Doesn't appear to work. There's a work site I'm having trouble with due to a CSP issue. This extension has no effect in disabling those policies; they still appear in the Chrome console and disable the site.
Ron Moses 2021-04-13: Doesn't appear to work. There's a work site I'm having trouble with due to a CSP issue. This extension has no effect in disabling those policies; they still appear in the Chrome console and disable the site.
NEA 2020-12-11: its just works. thats what i need
NEA 2020-12-11: its just works. thats what i need
Jaime Lozano 2020-11-13: Only CSP plugin that worked. Thanks!
Jaime Lozano 2020-11-13: Only CSP plugin that worked. Thanks!
Sam Gurdus 2020-10-30: Works great! Super happy with this extension.
Sam Gurdus 2020-10-30: Works great! Super happy with this extension.
Naveen Kumarasinghe 2020-09-27: Very simple and works!
Naveen Kumarasinghe 2020-09-27: Very simple and works!
Rudie Dirkx 2020-09-02: Works for Github, which definitely has CSP on. Buttt doesn't work for https://f95zone.to/ which must have CSP on, because my bookmarklet doesn't work, and Chrome complains about a very specific f95zone CSP header. Why?
Rudie Dirkx 2020-09-02: Works for Github, which definitely has CSP on. Buttt doesn't work for https://f95zone.to/ which must have CSP on, because my bookmarklet doesn't work, and Chrome complains about a very specific f95zone CSP header. Why?
YASH PAHALAJANI 2020-08-15: It does what is says :100:
YASH PAHALAJANI 2020-08-15: It does what is says :100:

Extension Actions