Scripting Policy.

## Introduction

XSS is bad. CSP's syntax is obtuse, and it's trying to do too many things. What if we could _just_ target XSS?

[Read the complete Explainer][explainer]. Also the [spec](https://mikewest.github.io/csp-next/scripting-policy.html).

## Feedback (Choose One)

Please provide all feedback below.

[explainer]: https://github.com/mikewest/csp-next/