See https://github.com/pytition/Pytition/pull/185 which uses django-csp from Mozilla.
