Item logo image for CSP Evaluator

CSP Evaluator

3.1 (

31 ratings

)
Item media 2 (screenshot) for CSP Evaluator
Item media 1 (screenshot) for CSP Evaluator
Item media 2 (screenshot) for CSP Evaluator
Item media 1 (screenshot) for CSP Evaluator
Item media 1 (screenshot) for CSP Evaluator
Item media 2 (screenshot) for CSP Evaluator

Overview

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

CSP Evaluator is a small tool that allows developers and security experts to check if a Content Security Policy (CSP) serves as a strong mitigation against cross-site scripting attacks. Reviewing CSP policies is usually a very manual process and most developers are not aware of CSP bypasses. CSP Evaluator checks are based on a large-scale empirical study and are aimed to help developers to harden their CSP. This tool is provided only for the convenience of developers and Google provides no guarantees or warranties for this tool.

3.1 out of 5 31 ratings

Learn more about results and reviews.

Details

  • Version
    0.3.3
  • Updated
    April 4, 2025
  • Size
    296KiB
  • Languages
    English
  • Developer
    Email
    ise-seam-core@google.com
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Support

For help with questions, suggestions, or problems, visit the developer's support site

Related

Analytics Debugger

4.6

Your Single Source of Truth (SSOT) for debugging analytics implementations

Allow CSP: Content-Security-Policy

4.0

Easily remove CSP (Content-Security-Policy) rules from the response header.

Requestly: Supercharge your Development & QA

4.4

Features: Intercept & Modify HTTPs Requests, API Mocking, GraphQL Mocking, Rest API Client, API Testing, Modify HTTP Headers, etc

Vulners Web Scanner

4.6

Tiny vulnerability scanner based on vulners.com vulnerability database. Passively scan websites while you surf internet!

Content Security Policy (CSP) Generator

4.4

Automatically generate content security policy headers online for any website.

axe DevTools - Web Accessibility Testing

3.9

Accessibility Checker for Developers, Testers, and Designers in Chrome

WAVE Evaluation Tool

4.1

Evaluate web accessibility within your browser.

Security-Header-Extension

4.9

A Chrome Extension built to check the presence of embedded security headers.

OWASP Penetration Testing Kit

4.8

OWASP Penetration Testing Kit

Disable Content-Security-Policy

3.6

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Datalayer Checker

4.5

The easiest way to debug and check the dataLayer implementations without having to use the browser console!

Google Analytics Debugger

4.2

Prints useful information to the JavaScript console by enabling the debug version of the Google Analytics Javascript.

Analytics Debugger

4.6

Your Single Source of Truth (SSOT) for debugging analytics implementations

Allow CSP: Content-Security-Policy

4.0

Easily remove CSP (Content-Security-Policy) rules from the response header.

Requestly: Supercharge your Development & QA

4.4

Features: Intercept & Modify HTTPs Requests, API Mocking, GraphQL Mocking, Rest API Client, API Testing, Modify HTTP Headers, etc

Vulners Web Scanner

4.6

Tiny vulnerability scanner based on vulners.com vulnerability database. Passively scan websites while you surf internet!

Content Security Policy (CSP) Generator

4.4

Automatically generate content security policy headers online for any website.

axe DevTools - Web Accessibility Testing

3.9

Accessibility Checker for Developers, Testers, and Designers in Chrome

WAVE Evaluation Tool

4.1

Evaluate web accessibility within your browser.

Security-Header-Extension

4.9

A Chrome Extension built to check the presence of embedded security headers.

Google apps
Create a Mobile Website
View Site in Mobile | Classic
Share by: