CSP (Content Security Policy) is a security mechanism implemented in all popular modern web browsers. Its main purpose is to protect against frontend attacks, especially XSS vulnerabilities.
Some common mistakes made when developing a CSP policy make it possible to circumvent the policy. To make sure we haven't made them, it's a good idea to review our policy with the CSP Evaluator tool. It checks whether the policy contains known vulnerabilities.
Find the tool at: CSP Evaluator