Disable Content Security Policy

it cola bypass red,it's that are it working.when xss. enable the that refresh gray,it's it policy(csp). click you disable know content under you 如果没作用，刷新页面试试。 being 一个帮助你禁用csp的扩展。 the or extension it,you work,try not. security you me. not 点击可乐icon，红色代表csp被禁用，灰色代表csp正在生效。 if if 你应该知道禁用后你就处于xss攻击的风险下了。 or contact icon.when attacked to risk should turns page helps the a turns by