CSP Evaluator
CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.
Automatically generate content security policy headers online for any website.
按已采集快照查看用户数变化。
展示最近 7 日窗口内已采集的评分快照,辅助判断近期评分是否稳定。
同口径展示 1 天、7 天、30 天的绝对增长与增长率。
查看发布时间、版本、支持语言、最近更新和抓取时间。
查看插件说明、主要功能和适用场景。
Content Security Policy (CSP) Generator is a chrome extension for automatically generating Content Security Policy headers on any website in minutes.
Built by: https://csper.io
--
Learn more about CSP:
https://www.youtube.com/watch?v=LBIANHdBoUA
https://csper.io/docs/content-security-policy
查看最近评论和评分分布。
商店综合星级:4.6。下方星级分布只统计已同步评论正文;如果某个插件只有公开分数、没有真实评论正文,这里可能为空。
查看 Chrome 商店详情页中的相关产品。
CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.
A Chrome Extension built to check the presence of embedded security headers.
Disable Content-Security-Policy for web application testing. When the icon is coloured, CSP headers are disabled.
Get all css rules used by the selected DOM and its descendants.
Prints useful information to the JavaScript console by enabling the debug version of the Google Analytics Javascript.
Accessibility Checker for Developers, Testers, and Designers in Chrome
This is, excuse me, a damn fine extension. I've used I can't tell you how many extensions in my life and this is one of the best.
helpful tool, thank you
很好用,用上后那些打不开的站点全部可以完美的打开
looks like a really helpful tool. at one point it broke access to my site though and pages would not load
I found this extension very useful, but it stopped working. It was working month or two ago, but now it is not generating policies at all
$7 per month .. should be stated upfront.. looks handy tool but dont like being tricked into having to pay for simple 1 time report.
It was surprisingly easy to generate a content security policy with this tool with my limited csp knowledge. Thanks for creating this extension!
Super helpful extension! Finding edge cases in CSP is definitely annoying, but this saved me a lot of time. I think there were some edge cases with blobs that weren't covered, but great product nonetheless.
Made it really easy to add a CSP to the site I'm building. I had to make sure I hit every possible interaction, but this cut down the iteration time for finding violations so much I'm not sure I can even estimate it. I'm sure I'll still find some violations from oddball browser combinations, but sending the reports to csper.io makes it easy to track and add those as they come in.