".cgi" file type added to false positive ignorer regex.
For 'Missing CSP', changed confidence level from "certain" to "firm".
Added "cspCol" to indicate a variable for "Content-Security-Policy:". This reduces false positives originating from the scanner detecting the "Content-Security-Policy-Report-Only" header.