Sometimes it comes in handy to set your CSP (eg during dev) to report only by using the header : Content-Security-Policy-Report-Only
This won't block the resources, but will report in the console if you have potential issues. This comes in handy when you are adding it to a existing site.
@dawoe This is great feedback and I can definitely update it to allow a report-only option that can be applied to the XML. Thanks! I'll put it on my list to update it :)
Sometimes it comes in handy to set your CSP (eg during dev) to report only by using the header :
Content-Security-Policy-Report-Only
This won't block the resources, but will report in the console if you have potential issues. This comes in handy when you are adding it to a existing site.