https://github.com/lisonge/disable-csp

A browser extension to disable http header Content-Security-Policy and html meta Content-Security-Policy
https://github.com/lisonge/disable-csp

chrome chrome-extension content-security-policy csp edge edge-extension

Last synced: 8 months ago
JSON representation

A browser extension to disable http header Content-Security-Policy and html meta Content-Security-Policy

• Host: GitHub
• URL: https://github.com/lisonge/disable-csp
• Owner: lisonge
• Created: 2023-07-20T07:55:57.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2024-06-04T04:00:51.000Z (over 1 year ago)
• Last Synced: 2025-03-26T18:12:30.042Z (9 months ago)
• Topics: chrome, chrome-extension, content-security-policy, csp, edge, edge-extension
• Language: TypeScript
• Homepage:
• Size: 103 KB
• Stars: 62
• Watchers: 3
• Forks: 8
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Disable-CSP

A browser extension to disable http header Content-Security-Policy and html meta Content-Security-Policy

In the process of website development and testing, we inevitably need to inject cross-domain resources into some websites, but Content-Security-Policy prevents this. So you can use this extension to disable Content-Security-Policy so that you have a better development experience

- disable http header csp

- disable html meta csp (**must open devtools**)

![image](https://github.com/lisonge/Disable-CSP/assets/38517192/530218b5-2183-4c5a-9801-315fdadd6f93)

## Install

- [releases](https://github.com/lisonge/Disable-CSP/releases)

- [chrome webstore](https://chrome.google.com/webstore/detail/disable-csp/hgegihapiofjgmmgigbblnjaicgjhoko)

- [edge addons](https://microsoftedge.microsoft.com/addons/detail/disablecsp/kleofklkancfimlfjhkjegnljkpjafcc)

## Sample

  http header csp

![image](https://github.com/lisonge/Disable-CSP/assets/38517192/08a00a09-873d-4044-a4b4-f7abb7018734)

  disable http header csp 

![image](https://github.com/lisonge/Disable-CSP/assets/38517192/d5bf1e81-5482-4479-a8ed-17df47a5643c)

  html meta csp

![image](https://github.com/lisonge/Disable-CSP/assets/38517192/cc223640-6e8e-4935-b356-828e1c0de75e)

  disable html meta csp (**must open devtools**)

![image](https://github.com/lisonge/Disable-CSP/assets/38517192/18486f78-101c-4964-9de4-2a2a91387708)

## Permission Specification

1.declarativeNetRequest: disable http header Content-Security-Policy, remove response headers

2.debugger: disable http meta Content-Security-Policy, attach devtools then modify http response body

3.storage: save disable/enable csp user config

4.tabs: disable http meta Content-Security-Policy, attach the current tabId of devtools then modify http response body

5.host_permissions: disable the Content-Security-Policy of any host