Item logo image for CSP Unblock

    CSP Unblock

    4.4 (

    5 ratings

     )
    Extension Developer Tools 7,000 users
    Item media 1 (screenshot) for CSP Unblock

    Overview

    No more Content-Security-Policy limitations. This extension removes all CSP-related headers during website testing.

    This extension removes the following CSP-related response headers to remove limitations caused by CSP. 1. "content-security-policy" header 2. "content-security-policy-report-only" header 3. "x-webkit-csp" header 4. "x-content-security-policy" header Use Cases: 1. This extension can temporarily remove the limitations of CSP so that the developer can test inline and remote scripts. Also, you can load different cross-origin resources without any limitation. 2. Allow a website to load a remote worker script 3. Allow a website to play remote media Notes: 1. Disable the extension when you are browsing the internet. By removing CSP, the website's protection reduces significantly which might harm you. 2. The extension removes specified CSP-related headers from the top-frame and all sub-frame elements Definitions: "content-security-policy" header: The HTTP Content-Security-Policy response header allows website administrators to control resources the user agent is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross-site scripting attacks (Cross-site_scripting). "content-security-policy-report-only" header: The HTTP Content-Security-Policy-Report-Only response header allows web developers to experiment with policies by monitoring (but not enforcing) their effects. These violation reports consist of JSON documents sent via an HTTP POST request to the specified URI.

    4.4 out of 5 5 ratings

    Learn more about results and reviews.

    Details

    • Version
      0.1.2
    • Updated
      August 26, 2025
    • Offered by
      balvin.perrie
    • Size
      114KiB
    • Languages
      English
    • Developer
      Email
      balvin.perrie@gmail.com
    • Non-trader
      This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

    Privacy

    The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy .

    This developer declares that your data is

    • Not being sold to third parties, outside of the approved use cases
    • Not being used or transferred for purposes that are unrelated to the item's core functionality
    • Not being used or transferred to determine creditworthiness or for lending purposes

    Support

    For help with questions, suggestions, or problems, visit the developer's support site

    Related

    CORS Unblock

    4.1

    No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled

    CORS Unblocker

    5.0

    Temporarily bypass CORS restrictions to streamline development and testing workflows.

    Disable-CSP

    5.0

    A browser extension to disable http header Content-Security-Policy and html meta Content-Security-Policy

    Medoz Get Token Cookie

    0.0

    Medoz Get Token Cookie By Medoz

    Allow CSP: Content-Security-Policy

    4.0

    Easily remove CSP (Content-Security-Policy) rules from the response header.

    Disable Content Security Policy

    4.2

    A extension that set csp value empty

    Cross Domain - CORS

    3.9

    Cross Domain will help you to deal with cross domain - CORS problem. This is tool helpful when face with cross domain issue.

    CORS Unblock

    5.0

    Temporarily unblock CORS for development and testing purposes

    Open link in same tab, pop-up as tab by thuongvt

    3.3

    Forces Chrome to open new tabs instead of pop-up windows and/or links in the same tab by default instead of new or background tab.

    Anti-CORS, anti-CSP

    5.0

    Enable cross origin requests blocked by CORS or CSP. Disable CORS and CSP in selected hostnames, preserve security of other websites

    AI Code Preview

    5.0

    Preview, copy, and download code from AI responses. Supports HTML+CSS+JS, React components, and Vue single-file components.

    Disable Content-Security-Policy

    3.6

    Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

    CORS Unblock

    4.1

    No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled

    CORS Unblocker

    5.0

    Temporarily bypass CORS restrictions to streamline development and testing workflows.

    Disable-CSP

    5.0

    A browser extension to disable http header Content-Security-Policy and html meta Content-Security-Policy

    Medoz Get Token Cookie

    0.0

    Medoz Get Token Cookie By Medoz

    Allow CSP: Content-Security-Policy

    4.0

    Easily remove CSP (Content-Security-Policy) rules from the response header.

    Disable Content Security Policy

    4.2

    A extension that set csp value empty

    Cross Domain - CORS

    3.9

    Cross Domain will help you to deal with cross domain - CORS problem. This is tool helpful when face with cross domain issue.

    CORS Unblock

    5.0

    Temporarily unblock CORS for development and testing purposes
    Google apps
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: