Away with external scripts and a strong CSP

Written by Erwin A.W. Maas

Results security scan

I have been busy with a strong Content Security Policy for the last couple of months and experienced all kinds of issues with third-party scripts like analytics tools and a consent-manager script that I needed because of these analytics tools.

To keep everything running fine I had to add several things to the CSP that I didn't like, for example 'unsafe-inline' and 'unsafe-eval'.
On top of that, one item of the cookie-consent script just did not load, and there was nothing to do about it until the script provider themselves make changes to it so that I can hash or nonce it.

So: what did I do?
I threw them all out and started building my own tool for analysing the content of my website, which means that visitors are safe and there are no longer any privacy issues whatsoever.
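To make the difference concrete, here is an added example (not code from this post or this site) that audits a `script-src` for the concessions described above and computes the hash source for an inline script. Both policies, the `analytics.example` host and the inline script are constructed samples, and the function names are hypothetical.

```javascript
const crypto = require('crypto');

// Parse a CSP header value into a Map of directive name -> source list.
function parseCsp(policy) {
  const directives = new Map();
  for (const part of policy.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/).filter(Boolean);
    // A repeated directive is ignored by browsers, so the first one wins.
    if (name && !directives.has(name.toLowerCase())) {
      directives.set(name.toLowerCase(), sources);
    }
  }
  return directives;
}

// Source expression for an inline script: 'sha256-<base64 digest of its text>'.
function cspHash(scriptText) {
  const digest = crypto.createHash('sha256').update(scriptText, 'utf8').digest('base64');
  return `'sha256-${digest}'`;
}

// List what weakens script loading: unsafe keywords and external sources.
function auditScriptSrc(policy) {
  const csp = parseCsp(policy);
  const sources = csp.get('script-src') || csp.get('default-src');
  if (!sources) return ['no script-src or default-src: scripts unrestricted'];
  const findings = [];
  // Browsers ignore 'unsafe-inline' once a nonce or hash source is present.
  const pinned = sources.some((s) => /^'(nonce|sha256|sha384|sha512)-/i.test(s));
  for (const src of sources) {
    const s = src.toLowerCase();
    if (s === "'unsafe-inline'" && !pinned) findings.push("'unsafe-inline': any inline script runs");
    else if (s === "'unsafe-eval'") findings.push("'unsafe-eval': eval() and string-to-code allowed");
    else if (!s.startsWith("'")) findings.push(`external source allowed: ${src}`);
  }
  return findings;
}

// Constructed policies: one with the third-party concessions, one without.
const inlineScript = "document.documentElement.classList.add('js');";
const before = "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://analytics.example";
const after = `default-src 'self'; script-src 'self' ${cspHash(inlineScript)}; object-src 'none'`;

console.log(auditScriptSrc(before));
console.log(auditScriptSrc(after));
```

The hash only matches if the inline script text is byte-for-byte identical, which is why a third-party script that changes its inline code cannot be hashed by the site owner.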

This is the scan of my website at security-headers.com:

Scan your site for vulnerabilities

No more issues, no privacy-questions, no cookie-clicking: Freedom and full Security for everybody here!

You can find a link to this scanner and many other scanners on this page!
