The free web debugging proxy for any browser, system or platform.
I think this may be a regression. The Content-Security-Policy header needs to be shown in the Security headers section, not in the Entity headers session (which looks for "Content-*").
Similarly, Content-Security-Policy-Report-Only has the same regression.
You won't be notified about changes to this idea.