Support CSP in html (<meta http-equiv='Content-Security-Policy' content='...'>)

[rhanka]

CSP may be implemented with http header in

This is the only way to do it with github pages.

Should be supported, to avoid false-positive of -25 in HTTP scores

[revolunet]

Hi, thanks for reporting, i guess this comes from "Mozilla HTTP Observatory" report ?

Can you confirm the problem also happen here ? https://observatory.mozilla.org/

CSP may be implemented with http header in

in ? html page metas ?