CSP Directives: The Complete Reference (No Fluff)
I keep a copy of this page bookmarked because I can never remember the exact syntax for some of these directives. CSP has a lot of them, and most documentation either glosses over the details or buries them in paragraphs of text. Here’s every directive you’ll actually use, with examples and the gotchas that trip people up. Fetch Directives These control what the browser is allowed to load. They’re the core of any CSP policy. ...