CSP-Validator 是 Sublime Text2 的插件,能够检测 JavaScript, HTML 和 CSS 中的内容是否满足内容安全政策。目前它支持检测以下项目:
Inline scripts
Images and scripts with src attributes with http(s) protocols
Use of eval or new Function
setTimeout with a string param (this is only explicit usage of a string, not if it’s passed as a variable)
Attempting to load resources in CSS with http(s) protocols