Item logo image for CSP Unblock

    CSP Unblock

    4.4 (

    5 ratings

     )
    Extension Developer Tools 9,000 users
    Item media 1 (screenshot) for CSP Unblock

    Overview

    No more Content-Security-Policy limitations. This extension removes all CSP-related headers during website testing.

    This extension removes the following CSP-related response headers to remove limitations caused by CSP. 1. "content-security-policy" header 2. "content-security-policy-report-only" header 3. "x-webkit-csp" and "x-webkit-csp-report-only" headers 4. "x-content-security-policy" and "x-content-security-policy-report-only" headers 5. reporting APIs ("report-to" and "reporting-endpoints") Use Cases: 1. This extension can temporarily remove the limitations of CSP so that the developer can test inline and remote scripts. Also, you can load different cross-origin resources without any limitation. 2. Allow a website to load a remote worker script 3. Allow a website to play remote media Notes: 1. Disable the extension when you are browsing the internet. By removing CSP, the website's protection reduces significantly which might harm you. 2. The extension removes specified CSP-related headers from the top-frame and all sub-frame elements Definitions: "content-security-policy" header: The HTTP Content-Security-Policy response header allows website administrators to control resources the user agent is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross-site scripting attacks (Cross-site_scripting). "content-security-policy-report-only" header: The HTTP Content-Security-Policy-Report-Only response header allows web developers to experiment with policies by monitoring (but not enforcing) their effects. These violation reports consist of JSON documents sent via an HTTP POST request to the specified URI.

    4.4 out of 5 5 ratings

    Learn more about results and reviews.

    Details

    • Version
      0.1.3
    • Updated
      January 5, 2026
    • Offered by
      balvin.perrie
    • Size
      114KiB
    • Languages
      English
    • Developer
      Email
      balvin.perrie@gmail.com
    • Non-trader
      This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

    Privacy

    Manage extensions and learn how they're being used in your organization
    The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy .

    This developer declares that your data is

    • Not being sold to third parties, outside of the approved use cases
    • Not being used or transferred for purposes that are unrelated to the item's core functionality
    • Not being used or transferred to determine creditworthiness or for lending purposes

    Support

    For help with questions, suggestions, or problems, visit the developer's support site

    Related

    Disable Content-Security-Policy

    3.6

    Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

    CORS Unblock

    4.1

    No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled

    CORS Unblocker

    5.0

    Temporarily bypass CORS restrictions to streamline development and testing workflows.

    Disable-CSP

    3.7

    A browser extension to disable http header Content-Security-Policy and html meta Content-Security-Policy

    Allow CSP: Content-Security-Policy

    4.0

    Easily remove CSP (Content-Security-Policy) rules from the response header.

    Disable Content Security Policy

    4.2

    A extension that set csp value empty

    CORS Unblock

    4.8

    Temporarily unblock CORS for development and testing purposes

    CORS Unblock

    5.0

    Web apps cross-origin access with precise domain control and simple permissions.

    Medoz Meta

    5.0

    Medoz Meta Ad Accounts and Business Info By Medoz

    Anti-CORS, anti-CSP

    4.3

    Enable cross origin requests blocked by CORS or CSP. Disable CORS and CSP in selected hostnames, preserve security of other websites

    Unblocked Websites

    2.4

    Unblock websites & enjoy unhindered access to web content - using Unblocked Websites!

    AI Code Preview

    5.0

    Preview, copy, and download code from AI responses. Supports HTML+CSS+JS, React components, and Vue single-file components.

    Disable Content-Security-Policy

    3.6

    Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

    CORS Unblock

    4.1

    No more CORS error by appending 'Access-Control-Allow-Origin: *' header to local and remote web requests when enabled

    CORS Unblocker

    5.0

    Temporarily bypass CORS restrictions to streamline development and testing workflows.

    Disable-CSP

    3.7

    A browser extension to disable http header Content-Security-Policy and html meta Content-Security-Policy

    Allow CSP: Content-Security-Policy

    4.0

    Easily remove CSP (Content-Security-Policy) rules from the response header.

    Disable Content Security Policy

    4.2

    A extension that set csp value empty

    CORS Unblock

    4.8

    Temporarily unblock CORS for development and testing purposes

    CORS Unblock

    5.0

    Web apps cross-origin access with precise domain control and simple permissions.
    Google apps
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: