Recently, we made changes to our codebase in regards to Content Security Policy (CSP). This article starts with a minuscule intro to CSP, then talks about why we decided to change our approach, what we changed, some unintended consequences and how we fixed things; it then ends with some observations and learnings.

Full post: https://medium.com/just-tech/content-security-policy-ruby-on-rails-836d0c7ba098