@jlhertel You're Welcome 🙂
CSP is for sure a little bit hard to get it right, especially for content heavy websites, but it's, in my opinion, the easiest to secure a website against most client-side injections attacks and data exfiltration!
@sylvain indeed. Sad that is not widely used. I just recently got to know it from some security experts auditing an app I was touching.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!