With CSP Demo #1
Evil JavaScript is detected and blocked!
View Source On This Page
There is a JavaScript tag present on this page that you do not want, but don't worry!
If you view the source of this page you will see that there is a JavaScript tag present that you would definitely not want to load on this page! Because this page has a Content Security Policy, the browser will not load the JavaScript and protect the user.
<script src="https://evil-cyber-hacker.com/evil-things.js"></script>
Check the Console for an error message to see what action your browser took to protect you. You can also check the Network tab in Dev Tools to see that this attack has been reported to the site operator, look for a POST request to https://demo.report-uri.com