Just a heads up, we're enabling CSP in report only mode on wikis. This means if you are loading external resources in your user scripts, you might get an error in your javascript console. Don't panic, so far we are only enabling report only, and will of course give people notice before actually enabling it enforcing. At this stage we are just gathering information on what the impact of CSP would be on the wikis and what sort of external javascript is used in practise.

That said, if you are loading externally hosted javascript from your user JS page, we strongly suggest you do not do this for security reasons.