CSP Unblock Autor: Balvin
No more Content-Security-Policy limitations. This extension removes all CSP-related headers during website testing.
Dostępne w Firefoksie na Androida™Dostępne w Firefoksie na Androida™
Metadane rozszerzenia
Zrzuty ekranu
O tym rozszerzeniu
This extension removes the following CSP-related response headers to remove limitations caused by CSP.
Use Cases:
1. This extension can temporarily remove the limitations of CSP so that the developer can test inline and remote scripts. Also, you can load different cross-origin resources without any limitation.
2. Allow a website to load a remote worker script
3. Allow a website to play remote media
Notes:
1. Disable the extension when you are browsing the internet. By removing CSP, the website's protection reduces significantly which might harm you.
2. The extension removes specified CSP-related headers from the top-frame and all sub-frame elements
Definitions:
"content-security-policy" header: The HTTP Content-Security-Policy response header allows website administrators to control resources the user agent is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross-site scripting attacks (Cross-site_scripting).
"content-security-policy-report-only" header: The HTTP Content-Security-Policy-Report-Only response header allows web developers to experiment with policies by monitoring (but not enforcing) their effects. These violation reports consist of JSON documents sent via an HTTP POST request to the specified URI.
- "content-security-policy" header
- "content-security-policy-report-only" header
- "x-webkit-csp" and "x-webkit-csp-report-only" headers
- "x-content-security-policy" and "x-content-security-policy-report-only" headers
- reporting APIs ("report-to" and "reporting-endpoints")
Use Cases:
1. This extension can temporarily remove the limitations of CSP so that the developer can test inline and remote scripts. Also, you can load different cross-origin resources without any limitation.
2. Allow a website to load a remote worker script
3. Allow a website to play remote media
Notes:
1. Disable the extension when you are browsing the internet. By removing CSP, the website's protection reduces significantly which might harm you.
2. The extension removes specified CSP-related headers from the top-frame and all sub-frame elements
Definitions:
"content-security-policy" header: The HTTP Content-Security-Policy response header allows website administrators to control resources the user agent is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross-site scripting attacks (Cross-site_scripting).
"content-security-policy-report-only" header: The HTTP Content-Security-Policy-Report-Only response header allows web developers to experiment with policies by monitoring (but not enforcing) their effects. These violation reports consist of JSON documents sent via an HTTP POST request to the specified URI.
Ocenione na 0 przez 0 recenzentów
Uprawnienia i dane
Wymagane uprawnienia:
- Blokować treści na dowolnej stronie
Opcjonalne uprawnienia:
- Mieć dostęp do danych użytkownika na wszystkich stronach
Zbieranie danych:
- Autorzy tego rozszerzenia twierdzą, że nie wymaga ono zbierania danych.
Więcej informacji
- Wersja
- 0.1.4
- Rozmiar
- 123,98 KB
- Ostatnia aktualizacja
- 9 dni temu (5 sty 2026)
- Powiązane kategorie
- Licencja
- Mozilla Public License 2.0
- Historia wersji
- Dodaj do kolekcji