CSP Tester
Item logo image for CSP Tester

CSP Tester

Featured
3.7(

7 ratings

)
Item media 1 screenshot

Overview

This extension helps web masters to test web application behaviour with Content Security Policy version 2.0 implemented.

This extension helps web masters to test web application functionality with Content Security Policy (CSP) version 2.0 implemented. Typical workflow looks like: 1. Open the extension window 2. Add into the URL Pattern a regular expression for the site that you want to test, for example *://yoursite.com/* (CSP Tester uses Chrome Match Patterns) 3. Tick the e.g. "self" checkbox, check "Active" and Save the changes 4. Open the Developer Tools and navigate to the tested site 5. Confirm a number of CSP violations reported in the Developer Tools Console as well as possible visual changes 6. Make changes in the policy based on these reports

3.7 out of 57 ratings

Google doesn't verify reviews. Learn more about results and reviews.

Review's profile picture

Matt “CiderPunk” LanderApr 3, 2023

Very handy! i think the advanced mode is really all you need, weirdly it's way less complex than the default view, the only thing i could ask for is a bigger text box. Thanks!

Review's profile picture

A Chrome Web Store userApr 7, 2018

strips upgrade-insecure-requests; which is annoying

Details

  • Version
    2.1
  • Updated
    October 2, 2018
  • Offered by
    oxdef
  • Size
    16.61KiB
  • Languages
    English
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has not provided any information about the collection or usage of your data.

Related

Security-Header-Extension

4.8(5)

A Chrome Extension built to check the presence of embedded security headers.

Caspr: Enforcer

3.7(7)

Install CSP headers on arbitrary websites

Tamper Chrome (extension)

3.3(234)

Allows the user to modify requests as they happen.

retire.js

4.9(7)

Scanning website for vulnerable js libraries

CSP Evaluator

3.1(25)

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

Content Security Policy Override

4.2(9)

Modify the Content Security Policy of web pages.

Allow CSP: Content-Security-Policy

5.0(1)

Easily remove CSP (Content-Security-Policy) rules from the response header.

PageSpeed Insights (MV3)

3.4(76)

Analyze the performance of your webpages and get specific suggestions on how to optimize them.

Clickjacking Test

4.3(9)

Clickjacking Test by Offcon Info Security

HTTP Header Spy

3.8(62)

HTTP Header Spy enables you to inspect request- response headers and cookies right after page load with no extra clicks.

Content Security Policy (CSP) Generator

4.2(11)

Automatically generate content security policy headers online for any website.

Disable Content-Security-Policy

3.6(81)

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Security-Header-Extension

4.8(5)

A Chrome Extension built to check the presence of embedded security headers.

Caspr: Enforcer

3.7(7)

Install CSP headers on arbitrary websites

Tamper Chrome (extension)

3.3(234)

Allows the user to modify requests as they happen.

retire.js

4.9(7)

Scanning website for vulnerable js libraries

CSP Evaluator

3.1(25)

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

Content Security Policy Override

4.2(9)

Modify the Content Security Policy of web pages.

Allow CSP: Content-Security-Policy

5.0(1)

Easily remove CSP (Content-Security-Policy) rules from the response header.

PageSpeed Insights (MV3)

3.4(76)

Analyze the performance of your webpages and get specific suggestions on how to optimize them.

Google apps