CSP for Giscus Comments Without Breaking Your Page
Giscus is one of those tools I actually like recommending. It gives you comments powered by GitHub Discussions, doesn’t drag in a giant ad-tech mess, and feels pretty sane compared to legacy comment widgets. But the moment you run a strict Content Security Policy, Giscus is also one of those integrations that suddenly stops working with a blank box and a few ugly console errors. The good news: Giscus is CSP-friendly enough if you know what it loads and where it loads it from. ...