CentralCSP Chrome Extension
Test Content Security Policy Headers Without Server Changes
Simple, Powerful Interface
Clean and intuitive design that gets out of your way while providing powerful CSP testing capabilities. Test your Content Security Policy with just a few clicks.
Everything You Need for CSP Testing
Comprehensive tools for developers and security professionals to test, debug, and validate Content Security Policy implementations with ease.
Enforce & Report-Only Modes
Test your CSP policies in both enforcement and report-only modes to understand their impact before deployment. Switch between modes instantly to see how your policy behaves.
Override Existing Headers
Override or remove existing Content-Security-Policy headers on any page without touching server configurations. Perfect for testing different policies on live sites.
Local Testing
Test your security policies locally before deploying to production, saving time and preventing security issues. Validate your CSP without affecting live users.
No Server Changes
Test different CSP configurations instantly without modifying server configurations or redeploying applications. Experiment freely with your security policies.
Frequently Asked Questions
Everything you need to know about the CentralCSP Chrome Extension
How to test my CSP without any server change?
The CentralCSP Chrome Extension allows you to test your Content Security Policy directly in the browser without modifying your server configuration. Simply install the extension, input your CSP policy, and the extension will override the existing headers on any webpage you visit.
How does the extension work?
The extension works by intercepting and modifying HTTP response headers in your browser. When you activate it, it replaces or adds Content-Security-Policy headers to any page you visit, allowing you to test different policies instantly without server-side changes.
How to disable CSP replacement when i'm not testing?
You can disable the extension by clicking the switch button in the extension popup. This will prevent the extension from replacing the CSP header on any page you visit.
Is the extension free?
Yes, the CentralCSP Chrome Extension is completely free to use. You can install it from the Chrome Web Store at no cost and test your CSP policies without any limitations.
Does it replace other headers?
The extension can either replace existing Content-Security-Policy headers or add new ones if no Content-Security-Policy header is present. It does not affect other headers.
How to switch between enforce and report-only?
You can easily switch between enforce and report-only modes using the extension's interface. Simply toggle the mode selector in the extension popup, and it will immediately apply the chosen mode to test how your CSP policy behaves in both scenarios.
Important Security Notice
Development and debugging purposes only. This extension is designed to help developers test and debug CSP policies during development. Do not use it to disable or weaken Content Security Policy headers in production environments, as this could compromise your website's security.