Evaluates your Content Security Policy (CSP) against checks derived from a large-scale empirical study of known bypasses, helping developers and security experts harden their CSP as a mitigation against cross-site scripting attacks. The tool is designed for developers who want to verify the effectiveness of their CSP. It's particularly useful for those responsible for securing high-risk applications or websites that handle sensitive user data.
Overview
CSP Evaluator is a small tool that allows developers and security experts to check if a Content Security Policy (CSP) serves as a strong mitigation against cross-site scripting attacks. Reviewing CSP policies is usually a very manual process and most developers are not aware of CSP bypasses.
CSP Evaluator's checks are based on a large-scale empirical study and are intended to help developers harden their CSP. This tool is provided only for the convenience of developers, and Google provides no guarantees or warranties for this tool.
🔐 Security Analysis
This extension hasn't been security-scanned yet.