Adding Qualified to Your Content Security Policy