Axe Devtools Web Accessib
✨ AI-Powered 🔍 Security Report Available View on Chrome Web StoreChrome will indicate if you already have this installed.
Blocks accessibility issues and provides actionable feedback to developers, testers, and designers, helping them identify and fix problems in their web applications. Most benefit from this extension are those who create or test websites for people with disabilities, as it offers a practical solution for ensuring compliance with accessibility standards. By using Axe Devtools Web Accessib, these individuals can improve the usability of their work and make it more inclusive for all users.
Overview
Find and fix more accessibility issues during website development with axe DevTools.
The free axe DevTools browser extension is a fast, lightweight, yet powerful testing tool driven by the world’s most trusted accessibility testing engine, axe-core, developed by Deque.
Why use axe DevTools to build accessible websites?
-To deliver brilliant user experiences for everyone, including the 1 billion people globally living with a disability today.
-To avoid wasting time chasing fake issues. Only axe prevents false positive results.
-To improve accuracy, preventing tickets from resurfacing again and again.
-To reduce the risk and cost of accessibility lawsuits.
★ Automated testing
With the push of a button, axe DevTools analyzes your site, automatically surfacing the majority of common accessibility issues—almost triple the industry average. Drill down into each issue, inspect the source of the problem and leverage extensive free remediation guidance to fix it quickly and accurately.
★ No False Positives
Nobody has time to chase issues that aren’t actually issues. Axe DevTools reports only issues with absolute certainty. Other tools report irrelevant and inaccurate results, wasting your time, money, and productivity on rework.
★ The fastest and most effective path to accessible
Using axe DevTools to proactively find and fix accessibility issues significantly reduces the need for manual testing, giving you quick and easy wins without disrupting your development velocity.
Upgrade to axe DevTools Pro to do so much more:
★ Intelligent Guided Testing™ (IGT)
Perform more advanced testing without having to become an accessibility expert. Using a simple question and answer format, IGT leverages machine learning to help you quickly find and fix issues that are not detectable by automated testing alone. Adding IGT can get you 8o% coverage or more—while you code.
★ Component-level testing
Make your testing more agile by focusing only on the specific parts of a page relevant to your immediate work. Reduce patching and retesting by finding accessibility bugs that could break existing use cases.
★ Export, Save and Share
Collaborate across your dev team! With one click, create a customized URL with all issue description information to share with colleagues or your issue tracking software of choice. Save the rest of your team time and effort and help them build inclusive experiences.
★ What’s left to test?
After you’ve finished automated and Intelligent Guided Tests, now you can generate and share a “Remaining Testing” report, listing what’s left for manual testers. Accessibility experts can pick up exactly where you left off to catch the remaining complex issues.
Use of this extension is governed by this license agreement https://www.deque.com/terms-of-use/axe-ext/ and the privacy policy linked under the developer information
Data collection information can be found here: https://docs.deque.com/devtools-server/4.0.0/en/data-collection#axe-devtools-browser-extension-free
Upgrading to Pro gives you more control over what data is collected.
Tags
Privacy Practices
Security Analysis — Axe Devtools Web Accessib
Permissions
Code Patterns Detected
External Connections
Package Contents 82 files · 13.3MB
What This Extension Does
Axe DevTools Web Accessibility Checker is a browser extension that helps developers, testers, and designers identify and fix accessibility issues on websites. It uses automated testing to surface common issues and provides remediation guidance to fix them quickly and accurately.
Permissions Explained
- tabsexpected: This permission allows the extension to access and interact with web pages you visit.
Technical: The extension can read and modify tabs, including their content, URLs, and metadata. This could potentially allow unauthorized access to sensitive information or manipulation of user interactions. - debuggercheck this: This permission allows the extension to debug web pages and inspect their content.
Technical: The extension can access and manipulate the debugger API, which could potentially allow unauthorized access to sensitive information or manipulation of user interactions. This is a critical risk due to its potential for code injection and data exfiltration. ⚠ 1 - storageexpected: This permission allows the extension to store and retrieve data on your device.
Technical: The extension can read and write to browser storage, including cookies, local storage, and session storage. This could potentially allow unauthorized access to sensitive information or manipulation of user interactions. - unlimitedStoragecheck this: This permission allows the extension to store an unlimited amount of data on your device.
Technical: The extension can store and retrieve large amounts of data, including cookies, local storage, and session storage. This could potentially allow unauthorized access to sensitive information or manipulation of user interactions. ⚠ 1
Your Data
The extension accesses browser storage, including cookies, local storage, and session storage, and sends data to various domains, including dequeuniversity.com, docs.deque.com, axe.deque.com, and usage.deque.com.
Technical Details
- www.w3.org
- dequeuniversity.com
- docs.deque.com
- axe.deque.com
- github.com
- usage.deque.com
- www.etsi.org
- www.access-board.gov
- eur-lex.europa.eu
- www.facebook.com
- www.deque.com
- web-directive.eu
- HTTP
- HTTPS
- cookies
- local storage
- session storage
Code Findings
This finding indicates that the extension uses a function constructor to execute code dynamically, which could potentially allow unauthorized access to sensitive information or manipulation of user interactions.
Technical: The extension uses eval() and Function constructors to execute code dynamically. This allows for arbitrary code execution and potential data exfiltration.
💡 Legitimate extensions may use function constructors for legitimate purposes, such as dynamic code loading or debugging.
This finding indicates that the extension loads external scripts in its service worker, which could potentially allow unauthorized access to sensitive information or manipulation of user interactions.
Technical: The extension uses fetch() and importScripts() to load external scripts in its service worker. This allows for arbitrary code execution and potential data exfiltration.
💡 Legitimate extensions may use service workers for legitimate purposes, such as caching or content filtering.
This finding indicates that the extension uses innerHTML assignments, which could potentially allow cross-site scripting (XSS) attacks.
Technical: The extension uses innerHTML assignments to update content in web pages. This allows for potential XSS attacks if user input is not properly sanitized.
💡 Legitimate extensions may use innerHTML assignments for legitimate purposes, such as updating content or injecting scripts.
The Axe DevTools Web Accessibility Checker extension has several security concerns due to its use of dynamic code execution, external script loading in service workers, and potential XSS vectors. While it provides a useful tool for accessibility testing, users should exercise caution when installing and using this extension.
