dun4n

<!DOCTYPE html>
<html>
    <head>
        <meta content="script-src 'self';" http-equiv="Content-Security-Policy">
        <script type="text/javascript" src="csp.js"></script>
    </head>
</html>