Observe Browser Resources
Load selected public pages in Chrome and inspect the scripts, styles, images, fonts, frames, connections, and inline-code evidence observed during the scan.
Discover what your site loads, build an editable CSP candidate, test it in report-only mode, and monitor drift before deciding whether to enforce it.
Run the free CSP generator and scanner or learn how Content Security Policy works.
Load selected public pages in Chrome and inspect the scripts, styles, images, fonts, frames, connections, and inline-code evidence observed during the scan.
Turn browser evidence into an editable policy, review broad or risky values, and optionally add SHA-256 sources for inline content observed on scanned pages.
Copy deployment-formatted headers, test representative application flows without blocking them, and review violation evidence before enforcement.
Verified-site monitors compare recurring scan evidence with an accepted baseline so new and removed sources remain visible during rollout and maintenance.
Use the reference guides for CSP fundamentals, adaptable examples, report-only testing, and platform-specific header syntax.
The Chrome extension and Firefox Add-on can start a free scan from the active tab.