Livestreams this week include:
- Why Not to Use the Block All CSP for ads
- Follow up with new tips for block all CSP for all sites
Why Not Use the Block All Content Security Policy (CSP)
Breaking News from MediaVine with a new CSP they suggested you use to block all non HTTPS ads.
That’s fine, unless you did the duct tape / chicken wire free way of converting your site to HTTPS.
You’ll likely end up blocking a lot more than those ads.
See my post on this topic for more details.
Follow up on using MediaVine plugin and not a CSP on all sites
I did more testing and found that the first CSP MediaVine suggested using is safe for all sites that have had full, real conversions and is a good idea.
But, the second CSP to block all is not a good idea for most sites, including those that have had free conversions, unless you are running ads.
You’re better off using the MediaVine plugin than having the CSPs hard-coded, as this situation is still in flux.
They’ll be keeping their plugin updated with works best for most of their clients.