Your website needs a CSP. Here’s why
Here’s a scenario: You create a website and make it available online. Your website ends up getting hacked (it happens frequently, by the way..) The nefarious party is able to inject some malicious javascript into one of your pages. A legitimate user visits your website and is redirected to a phishing page as a result of the work done by an attacker. The user attempts to log into the page thinking it’s your website and ends up getting all of…