CSP Evaluator

Developer Tools

Version: 0.2.1

Last Update: 2020-11-19

Overview

CSP Evaluator is a Chrome extension developed by Lukas Weichselbaum. According to the data from Chrome web store, current version of CSP Evaluator is 0.2.1, updated on 2020-11-19.
10,000+ users have installed this extension. 27 users have rated this extension with an average rating of .

CSP Evaluator is a tool that allows developers to check if a Content Security Policy (CSP) serves as mitigation against XSS attacks.

CSP Evaluator is a small tool that allows developers and security experts to check if a Content Security Policy (CSP) serves as a strong mitigation against cross-site scripting attacks. Reviewing CSP policies is usually a very manual process and most developers are not aware of CSP bypasses.
CSP Evaluator checks are based on a large-scale empirical study and are aimed to help developers to harden their CSP. This tool is provided only for the convenience of developers and Google provides no guarantees or warranties for this tool.

Rating

27 ratings

Total Installs

10,000+

Information

Last Update

2020-11-19

Current Version

0.2.1

Size

302KiB

Author

Lukas Weichselbaum

Website

None

Category

Developer Tools

CSP Evaluator Alternatives

Name	Category	Rating Count	Installs
Content Security Policy Override	Developer Tools	(8)	2,000+
Web Vitals	Developer Tools	(26)	100,000+
Content Security Policy (CSP) Generator	Developer Tools	(8)	10,000+
CSP Tester	Developer Tools	(7)	1,000+
Xdebug helper	Developer Tools	(433)	300,000+
Analytics Debugger	Developer Tools	(116)	90,000+
Security-Header-Extension	Developer Tools	(5)	1,000+
retire.js	Developer Tools	(7)	10,000+
OWASP Penetration Testing Kit	Developer Tools	(14)	10,000+
Google Analytics Debugger	Developer Tools	(532)	500,000+
Recx Security Analyser	Developer Tools	(11)	4,000+
Disable Content-Security-Policy	Developer Tools	(70)	50,000+
axe DevTools - Web Accessibility Testing	Accessibility	(101)	200,000+
Caspr: Enforcer	Developer Tools	(7)	716
Vulners Web Scanner	Productivity	(18)	7,000+
Always Disable Content-Security-Policy	Developer Tools	(12)	10,000+
Shodan	Productivity	(129)	100,000+
Tamper Chrome (extension)	Developer Tools	(235)	50,000+
Clickjacking Test	Developer Tools	(9)	4,000+
Redirect URL, Modify Headers & Mock APIs	Developer Tools	(1033)	100,000+
Datalayer Checker	Developer Tools	(27)	100,000+
BrowserStack	Developer Tools	(88)	100,000+
Bishop Vulnerability Scanner	Developer Tools	(11)	3,000+
WAVE Evaluation Tool	Accessibility	(135)	400,000+

Latest Reviews


Nordine Zetoutou 2021-12-09 No CSP detected on any webpage.
Dave Dörenberg-Veltman 2021-03-13 liked it. saved me some headaches!!! was playing around for weeks to get my csp right! there's one drawback though. after copying it all to my policy file it bricked my wordpress login page. so i had to revert back using ftp access to my server to find the problem..... again.
Alexander Dobernig 2020-11-21 No CSP detected on any webpage.
Leigh Garner Silverstein 2020-08-24 It doesn't detect meta CSPs which should have been stated in the extension details.
Escape Velocity 2019-11-07 cool. May be better if it's possible to add/remove CSP directives so I can test without deploying codes lol