Home

Awesome

Disable-CSP

A browser extension to disable http header Content-Security-Policy and html meta Content-Security-Policy

In the process of website development and testing, we inevitably need to inject cross-domain resources into some websites, but Content-Security-Policy prevents this. So you can use this extension to disable Content-Security-Policy so that you have a better development experience

image

Install

Sample

<details open> <summary>http header csp</summary>

image

</details> <details open> <summary>disable http header csp </summary>

image

</details> <details open> <summary>html meta csp</summary>

image

</details> <details open> <summary>disable html meta csp (**must open devtools**)</summary>

image

</details>

Permission Specification

1.declarativeNetRequest: disable http header Content-Security-Policy, remove response headers

2.debugger: disable http meta Content-Security-Policy, attach devtools then modify http response body

3.storage: save disable/enable csp user config

4.tabs: disable http meta Content-Security-Policy, attach the current tabId of devtools then modify http response body

5.host_permissions<all_urls>: disable the Content-Security-Policy of any host