CSP for CookieYes Consent: Pros, Cons, and Safer Policies
Cookie consent tools are one of the fastest ways to wreck an otherwise clean Content Security Policy. I’ve seen teams spend days locking down script-src, only to punch giant holes in it because the consent banner needed “just one more domain” and “just one inline script.” CookieYes is no different. It works fine with CSP, but the quality of your setup depends on how much convenience you’re willing to trade for control. ...