A function that checks for a Content Security Policy

content-script.js

/* ... */
// Loads an image on the host page to check for a CSP
function loadCspCheck(cb) {
  var CSP_CHECK_URL = '//d34db33f.cloudfront.net/assets/tiny.png';
  var cspCheckImage = new Image();
  cspCheckImage.addEventListener('load', cb.bind(null, false));
  cspCheckImage.addEventListener('error', cb.bind(null, true));
  cspCheckImage.src = CSP_CHECK_URL;
}
/* ... */