[yanis_t]

CSP is great in mitigating a whole bunch of security concerns, and it also forces some good practices (e.g. not using inline scripts).

I recently implemented a couple of tools to generate[1] and validate[2] a CSP. Would be glad if anybody tries it.

[1] https://www.csphero.com/csp-builder [2] https://www.csphero.com/csp-validator