Merlin
Disable Content-Security-Policy

Disable Content-Security-Policy

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

What is Disable Content-Security-Policy?
'Disable Content-Security-Policy' is an Edge add-on primarily used in developmental phases of web applications. When activated, it disables the tab's CSP headers for testing purposes, allowing the user to analyze resources imported by third-party tags. Users should note the increased risk of cross-site scripting this presents, and consider using a report-uri feature to maintain protection while monitoring blocked content.
Download
Merlin
Stats
Version: 3.0.0 (Last updated: 2022-02-13)
Creation date: 2022-02-13
Risk impact: High risk impact
Risk likelihood: Low risk likelihood
Manifest version: 2
Permissions:
  • webRequest
  • webRequestBlocking
  • browsingData
  • http://*/*
  • https://*/*
Size: 77.83K
Stats date:

Chrome-Stats Rank

# 3134 ▼ 32
Other rankings
Upgrade to see more rankings

Other platforms

Disable Content-Security-Policy
Disable Content-Security-Policy (v3.0.0)
3.65 (82) 60,000
Not available on Firefox
Want to check extension ranking and stats more quickly for other Edge add-ons? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Edge Add-on Store.
Chrome-Stats extension
Merlin
Summary
Analyze keywords

Disable Content-Security-Policy for web application testing. When the icon is colored, CSP headers are disabled.

Use at your own risk. This disables the Content-Security-Policy header for a tab. Use this when testing what resources a new third-party tag includes onto the page.

Click the extension icon to disable Content-Security-Policy header for the tab. Click the extension icon again to re-enable Content-Security-Policy header.

Use this only as a last resort. Disabling Content-Security-Policy means disabling features designed to protect you from cross-site scripting. Prefer to use report-uri which instructs the browser to send CSP violations to a URI. That allows you keep Content-Security-Policy enabled in your browser but still know what got blocked. https://report-uri.com is a free tool that gives you a web interface to inspect CSP violations on your site.

Safety
Risk impact

Disable Content-Security-Policy is risky to use as it requires a number of sensitive permissions that can potentially harm your browser and steal your data. Exercise caution when installing this add-on. Review carefully before installing. We recommend that you only install Disable Content-Security-Policy if you trust the publisher.

Risk likelihood

Disable Content-Security-Policy has earned a fairly good reputation and likely can be trusted.

Upgrade to see risk analysis details
Screenshots
Disable Content-Security-Policy Disable Content-Security-Policy