Any time I visit or test a page that uses Content-Security Policy, my Console is hammered with CSP errors such as "Content Security Policy: The page’s settings blocked the loading of a resource at https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 (“font-src”)." Completely reproducible -- deactivate the add-on and it stops, activate it and the errors come back.