The CSP tool currently allows the user to provide anything in the URL field. It should only allow https: and perhaps some others such as data:. Ideally, third-party URLs should be validated against DPA agreements. It should also check for duplicates.
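
One way the requested checks could fit together, as an added example that is not the CSP tool's own code. The function names, the first-party host parameter, and the DPA host list (modelled here as a simple set of approved hostnames) are assumptions.

```javascript
// Added example; every name and sample host is hypothetical.
const DPA_APPROVED_HOSTS = new Set(["cdn.example.com"]); // constructed sample data

// Returns { key, host } for an acceptable entry, or { error } for a rejected one.
function normalizeSource(raw) {
  const value = String(raw).trim();
  // Only the bare scheme source "data:" is accepted, not a full data: URL.
  if (value.toLowerCase() === "data:") return { key: "data:", host: null };
  let url;
  try {
    url = new URL(value);
  } catch (e) {
    return { error: "not an absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { error: "only https URLs or the bare data: source are accepted" };
  }
  if (url.username || url.password) return { error: "credentials in URL" };
  // URL parsing lowercases the host and drops the default port, so
  // "HTTPS://CDN.Example.com:443/" and "https://cdn.example.com" share one key.
  return { key: url.origin + url.pathname, host: url.hostname };
}

// Applies the scheme check, then duplicate detection, then the DPA check.
function validateSources(entries, firstPartyHost, dpaHosts = DPA_APPROVED_HOSTS) {
  const seen = new Set();
  const accepted = [];
  const rejected = [];
  for (const raw of entries) {
    const result = normalizeSource(raw);
    if (result.error) {
      rejected.push({ raw, reason: result.error });
    } else if (seen.has(result.key)) {
      rejected.push({ raw, reason: "duplicate" });
    } else if (result.host && result.host !== firstPartyHost && !dpaHosts.has(result.host)) {
      rejected.push({ raw, reason: "third party without DPA" });
    } else {
      seen.add(result.key);
      accepted.push(result.key);
    }
  }
  return { accepted, rejected };
}
```

Comparing normalized keys rather than raw strings is what lets the duplicate check catch entries that differ only in case, default port, or a trailing slash.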