DisCORS

Overview

This extension allows disabling common security headers (CORS, CSP, X-FRAME-OPTIONS...) for a selected list of targets.

This extension allows user to select and disable some common HTTP security headers for a specific site or list of sites. NOTE: Disabling HTTP security headers is NOT recommended. Please use it at your own risk for experiments/development purposes only. DisCORS comes with 2 modes: ACTIVATED or DEACTIVATED. DEACTIVATED Mode: You can DEACTIVATE the extension anytime to disable the security header bypass and go back to your normal browsing experience. DisCORS will not interfere with any of your browsing settings. ACTIVATED Mode: You can ACTIVATE the extension anytime to enable the security header bypass. DisCORS will modify/remove the appropriate security header based on your configuration. - CORS headers: If enabled, DisCORS will bypass Access-Control-Allow-Origin & Access-Control-Allow-Methods header for the responses from targeted sites. - COOP/COEP/CORP: If enabled, DisCORS will bypass Cross-Origin-Opener-Policy & Cross-Origin-Embedder-Policy & Cross-Origin-Resource-Policy header for the responses from targeted sites. - X-Frame-Options: If enabled, DisCORS will bypass X-Frame-Options header for the responses from targeted sites. - Content-Security-Policy: If enabled, DisCORS will bypass Content-Security-Policy header for the responses from targeted sites. - Permissions-Policy: If enabled, DisCORS will bypass Permissions-Policy header for the responses from targeted sites. User can specify a list of target sites (or leave the list empty to target ALL sites) and only the responses from the targeted sites will be modified.

0 out of 5 No ratings
Learn more about results and reviews.

Details

Version

1.0
Updated

July 29, 2024
Flag concern
Offered by

Han Tran
Size

45.21KiB
Languages

English (United States)
Developer

Email

tranbhan@gmail.com
Non-trader

This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy .

This developer declares that your data is

Not being sold to third parties, outside of the approved use cases
Not being used or transferred for purposes that are unrelated to the item's core functionality
Not being used or transferred to determine creditworthiness or for lending purposes

Support

Extension Auditor Pro - Assess Risk & Improve Browser Security Posture

5.0

Assess, and monitor browser extensions for security and privacy risks. Improve your Browser Security Posture and Stay Safe Oonline.

Toggle 3rd Party Cookies

0.0

Toggle the setting 'Block 3rd Party Cookies'

Code Minifier (JS, CSS, HTML)

5.0

A lite and free JavasScript, CSS and HTML minifier for your browser.

CSP Unblock

4.4

No more Content-Security-Policy limitations. This extension removes all CSP-related headers during website testing.

CORS Unblock

5.0

Temporarily unblock CORS for development and testing purposes

File Downloader Bypassing CORS

5.0

This extension takes a list of file URLs and then downloads all of them bypassing CORS restrictions

CORS Bypass

5.0

when enabled, add the header 'Access-Control-Allow-Origin: *' to the response to resolve CORS errors.

Disable Content Security Policy

4.2

A extension that set csp value empty

ignore-x-frame-options

4.3

ignore x-frame-options

Same Origin Method Execution - Targeting Tool

5.0

Returns a string representing a target reference for active DOM elements designed for hijacking a method execution in a SOME attack.

Allow X-Frame-Options

5.0

Easily remove X-Frame-Options from the response header.

Anti-CORS, anti-CSP

4.6

Enable cross origin requests blocked by CORS or CSP. Disable CORS and CSP in selected hostnames, preserve security of other websites