TheMine

Blog

Community blog — WYSIWYG editor, comments, profiles, RSS

No CSP

Admin

Internal dashboard — debug headers, log viewer, user management

Permissive CSP

Shop

E-commerce — product reviews, DOMPurify, SVG search, cart

Moderate CSP

Corporate

Corporate site — contact form, team pages, embeds

Strict Nonce CSP

SPA

Single-page apps — AngularJS, Vue 3, Vanilla JS

Permissive CSP

API

REST API — JSONP, analytics, config endpoint

No CSP