Content Security Policy (CSP) Generator
Automatically generate content security policy headers online for any website.
CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.
按已采集快照查看用户数变化。
展示最近 7 日窗口内已采集的评分快照,辅助判断近期评分是否稳定。
同口径展示 1 天、7 天、30 天的绝对增长与增长率。
查看发布时间、版本、支持语言、最近更新和抓取时间。
查看插件说明、主要功能和适用场景。
CSP Evaluator is a small tool that allows developers and security experts to check if a Content Security Policy (CSP) serves as a strong mitigation against cross-site scripting attacks. Reviewing CSP policies is usually a very manual process and most developers are not aware of CSP bypasses.
CSP Evaluator checks are based on a large-scale empirical study and are aimed to help developers to harden their CSP. This tool is provided only for the convenience of developers and Google provides no guarantees or warranties for this tool.
查看最近评论和评分分布。
商店综合星级:3.1。下方星级分布只统计已同步评论正文;如果某个插件只有公开分数、没有真实评论正文,这里可能为空。
查看 Chrome 商店详情页中的相关产品。
Automatically generate content security policy headers online for any website.
Accessibility Checker for Developers, Testers, and Designers in Chrome
A Chrome Extension built to check the presence of embedded security headers.
Intercept & modify HTTP(S) traffic: redirect URLs, modify headers, inject scripts, mock REST & GraphQL APIs, and more.
OWASP Penetration Testing Kit
Disable Content-Security-Policy for web application testing. When the icon is coloured, CSP headers are disabled.
I have a CSP but this doesn't detect it. So disappointed.
It doesn't detect meta CSP and it doesn't say anything about it on the description
For some unknown reason, when the extension was enabled, my browser sent additional requests to the sites. As a result, I lost a lot of hours debugging my site and trying to find the cause of the duplicate requests. As soon as I turned off the extension, the problem disappeared.
Macht wenig überraschend exakt das was dran steht. Keine Ahnung was an anderer Stelle schief gegangen ist, aber es funktioniert sogar in Edge.
Keeps crashing in Chrome 104
used it sometime ago and it was working just fine, with current version of chrome is not working anymore, it keeps crashing Version 104.0.5112.101
No CSP detected on any webpage.
liked it. saved me some headaches!!! was playing around for weeks to get my csp right! there's one drawback though. after copying it all to my policy file it bricked my wordpress login page. so i had to revert back using ftp access to my server to find the problem..... again.
No CSP detected on any webpage.
It doesn't detect meta CSPs which should have been stated in the extension details.