Developer HubDownload FirefoxRegister or Log in
Preview of Laboratory (Content Security Policy / CSP Toolkit)

Laboratory (Content Security Policy / CSP Toolkit)by April King, Mozilla

Because good website security shouldn't only be available to mad scientists!

Laboratory is an experimental Firefox extension that helps you generate a Content Security Policy (CSP) header for your website.

Only with Firefox—Get Firefox Now
1,615
Users
17
Reviews
4.6 Stars
Screenshots
After recording, Laboratory generates a Content Security Policy that matches the resources your site uses.
If your site has inline script, it creates a policy that will work but warns you that it's dangerous.
With Laboratory, you can enforce custom Content Security Policies without having to change a single line of your web server's configuration!
About this extension
Laboratory is an Firefox extension that helps you generate a proper Content Security Policy (CSP) header for your website. Simply start recording, browse your site, and enjoy the CSP header that it produces.

Due to WebExtension dependencies, this add-on is not available for versions of Firefox prior to version 57.
Rate your experience
How are you enjoying Laboratory (Content Security Policy / CSP Toolkit)?

Star rating saved

Report this add-on for abuse

If you think this add-on violates Mozilla's add-on policies or has security or privacy issues, please report these issues to Mozilla using this form.

Please don't use this form to report bugs or request add-on features; this report will be sent to Mozilla and not to the add-on developer.

Dismiss
Add to collection
More information
Add-on Links
Version
3.0.5
Last updated
2 months ago (Nov 15, 2018)
License
Mozilla Public License, version 2.0
Version History
Usage Statistics
Visit stats dashboard
Permissions

This add-on can:

  • Access your data for all websites
  • Access browser tabs
  • Access browser activity during navigation
Learn more about permissions
Release notes for 3.0.5
- Brand new user interface
- Much faster performance
- Support for worker-src, form-action, unsafe-eval, and websockets
- Support for scheme sources
More extensions by these developers