Now here's a trick that might actually save some resources by reducing the amount of useless HTTP requests. I wish the article mentioned this instead!

…At the cost of having to add `img-src data:;` to your CSP, which is unsafe.

https://security.stackexchange.com/questions/94993/is-includ...

How is that unsafe exactly?