Přidatki za Firefox Browser
  • Rozšěrjenja
  • Drasty
    • za Firefox
    • Słowniki a rěčne pakćiki
    • Druhe sydła wobhladowaka
    • Přidatki za Android
Přizjewić
Přehlad CSP B Gone

CSP B Gone wot Hacks and Hops

Check the CSP of the current website against a list of known bypasses.

0 (0 reviews)0 (0 reviews)
14 wužiwarjow14 wužiwarjow
Trjebaće Firefox, zo byšće tute rozšěrjenje wužiwał
Firefox sćahnyć a rozšěrjenje wobstarać
Dataju sćahnyć

Metadaty rozšěrjenja

Fota wobrazowki
CSP Bypass Popup
Wo tutym rozšěrjenju
Code
This addon is free and open-source software (FOSS) all code can be found here: https://github.com/ACK-J/CSP-B-Gone
Please report your bugs or feature requests in a GitHub issue instead of in a review.

Test if it works!
https://apple.com/

This addon checks the CSP of the current website against a list of known bypasses. You can also use the search bar to check if a specific domain has a known CSP bypass.

How Does a CSP Bypass Work?
The most common way to bypass CSP is by finding a JSONP endpoint on a trusted domain within the CSP. JSONP takes advantage of the fact that the same-origin policy does not prevent execution of external <script> tags. Usually, a <script src="some/js/file.js"> tag represents a static script file. But you can just as well create a dynamic API endpoint, say /userdata. jsonp, and have it behave as a script by accepting a query parameter (such as ?callback=CALLBACK).

JSONP endpoints used to bypass CSP are discovered by querying the archive.org database on a monthly basis for URLs with a common feature set. Each suspected URL is injected into a script src element inside a headless browser with the alert() function hooked. If an alert box fires then the URL is a confirmed JSONP endpoint and added to the GitHub list HERE.

When would I need a CSP Bypass?
A Content Security Policy (CSP) bypass may be necessary in specific scenarios, typically related to web security testing or development. CSP is a security feature that helps prevent a range of attacks like Cross-Site Scripting (XSS), data injection attacks, and clickjacking by controlling which resources the browser is allowed to load and execute.

Donations
  • Monero Address: 89jYJvX3CaFNv1T6mhg69wK5dMQJSF3aG2AYRNU1ZSo6WbccGtJN7TNMAf39vrmKNR6zXUKxJVABggR4a8cZDGST11Q4yS8
Z 0 wot 0 pohódnoćacych pohódnoćeny
Přizjewće so, zo byšće tute rozšěrjenje pohódnoćił
Hišće pohódnoćenja njejsu

Hwězdne pohódnoćenje je so składowało

5
0
4
0
3
0
2
0
1
0
Hišće žane pohódnoćenja
Prawa a datyDalše informacije

Trěbne prawa:

  • Mějće přistup k rajtarkam wobhladowaka
  • Přistup k wašim datam za wšě websydła měć
Dalše informacije
Přidatkowe wotkazy
  • Sydło pomocy
Wersija
1.0
Wulkosć
28,6 KB
Posledni raz zaktualizowany
kahdeksan kuukautta sitten (17. joulu 2024)
Přiwuzne kategorije
  • Webwuwiwanje
  • Priwatnosć a wěstota
Licenca
Jenož licenca GNU General Public License v3.0
Wersijowa historija
  • Wšě wersije pokazać
Znački
  • ad blocker
  • content blocker
  • privacy
  • search
  • security
  • user scripts
  • wayback machine
Zběrce přidać
Tutón přidatk zdźělić
Wjace rozšěrjenjow wot Hacks and Hops
  • Hišće pohódnoćenja njejsu

  • Hišće pohódnoćenja njejsu

  • Hišće pohódnoćenja njejsu

  • Hišće pohódnoćenja njejsu

  • Hišće pohódnoćenja njejsu

  • Hišće pohódnoćenja njejsu

K startowej stronje Mozilla

Přidatki

  • Wo
  • Blog přidatkow Firefox
  • Dźěłarnička rozšěrjenjow
  • Wuwiwarski róžk
  • Wuwiwarske prawidła
  • Blog zhromadźenstwa
  • Forum
  • Programowy zmylk zdźělić
  • Směrnica za pohódnoćenja

Wobhladowaki

  • Desktop
  • Mobile
  • Enterprise

Produkty

  • Browsers
  • VPN
  • Relay
  • Monitor
  • Pocket
  • Bluesky (@firefox.com)
  • Instagram (Firefox)
  • YouTube (firefoxchannel)
  • Priwatnosć
  • Placki
  • Prawniske

Jeli nic hinak zapisane, so wobsah na tutym sydle pod Creative Commons Attribution Share-Alike License v3.0 abo poždźišej wersiju licencuje.