can you tldr it? just one little meta tag defeats google's ad services? why dont we all slap it on our html templates?

This seems to be allowing unsafe script injection from ONLY certain whitelisted urls, presumably excluding the url globs required for the ads. Haven't tested it, and not sure the full extent of pshc's sibling response either.