Getting Started with Content Security Policy using NodeJS/Express and Csper
⚖ Browsers support of the child-src directive; child-src is a fallback directive for frame-src and worker-src; frame-src and worker-src take precedence over child-src
A systematic study of content security policy in web applications - Liu - 2016 - Security and Communication Networks - Wiley Online Library
Content-Security-Policy not workin… | Apple Developer Forums
Improving Web Security with the Content Security Policy - SitePoint
Optimizely's Content-Security-Policy Journey | by Ola Nordstrom | Engineers @ Optimizely | Medium
Content Security Policy (CSP) Headers
Can't access campaign because of "Unrecognized Content-Security-Policy directive worker-src" error. - Google Ads Community
Debugging and setting the Content Security Policy in the CSP header and meta tag; debug via browser console, via violation reports and SecurityPolicyViolation event; why the CSP header is truncated
How To Secure Node.js Applications with a Content Security Policy | DigitalOcean
Unrecognized Content-Security-Policy directive 'referrer'. - Salesforce Developer Community
Content Security Policy with Google Analytics & Tag Manager | Bounteous
CSP policy in Safari | Apple Developer Forums
On Ubuntu 16 "Unrecognized Content-Security-Policy directive" reported from some tests · Issue #1194 · coreinfrastructure/best-practices-badge · GitHub