Content-Security-Policy (CSP) for Google AdSense

Getting your Content Security Policy (CSP) configured for Google AdSense isn't as easy as you might expect. This is due to the large number of domains Google uses as part of the service. This leaves you with two options:

I decided to go with the second approach: Adding hundreds of hosts based on Google's official domain list to my CSP.

So here is my personal and public note on what the CSP configuration needs to look like for AdSense (no joke!):


Please note:

<meta http-equiv="Content-Security-Policy" content=" ... ">

By the way, if you are interested in Google AdSense you are likely to be interested in increasing your traffic too. I've built a project exactly aiming at helping with this. RankLetter is summarizing your Google Search Console data, adds various recommendations, and sends you all over in a weekly newsletter. I've grown my traffic steadily by tweaking pages to match search queries better and include more information. Don't let your potential go to waste, improve your rankings!


Since you've made it this far, sharing this article on your favorite social media network would be highly appreciated 💖! For feedback, please ping me on Twitter.