CSP Lab

CSP Lab is designed to help you develop a Content Security Policy for your website.

It appears as a tab in the DevTools and it has three modes:

1. In "Existing" mode, it will evaluate the Content Security Policies on the sites that you visit

2. In "Suggest" mode, it will add replace any existing CSP header with a Report-Only header designed to send reports to a service that you run locally. This service will provide you with a CSP that will cover all the reported violations. This mode makes it easy to generate a starter CSP for a website that has never had one before.

3. In "Override" mode, you can specify a CSP that will add a CSP to a site that has none, or replace the one that is there. This mode is designed for testing and tweaking your CSP before you actually deploy it to your site.