diff --git a/app/controllers/admin/communication/websites_controller.rb b/app/controllers/admin/communication/websites_controller.rb
index e7859ee1893c67eb378813334fded16ea6d2f211..647071049e6f1974eb2b60f7bc98b9f9f3f423c8 100644
--- a/app/controllers/admin/communication/websites_controller.rb
+++ b/app/controllers/admin/communication/websites_controller.rb
@@ -7,21 +7,14 @@ class Admin::Communication::WebsitesController < Admin::Communication::Websites:
 breadcrumb
 end
 
- def show
- @all_pages = @website.pages.accessible_by(current_ability).for_language(current_website_language)
- @pages = @all_pages.recent
- @all_posts = @website.posts.accessible_by(current_ability).for_language(current_website_language)
- @posts = @all_posts.recent
- breadcrumb
- end
-
 def analytics
 breadcrumb
 add_breadcrumb t('communication.website.analytics')
 end
 
- def new
+ def security
 breadcrumb
+ add_breadcrumb t('communication.website.security')
 end
 
 def import
@@ -40,6 +33,23 @@ class Admin::Communication::WebsitesController < Admin::Communication::Websites:
 add_breadcrumb Communication::Website::Imported::Website.model_name.human
 end
 
+ def show
+ @all_pages = @website.pages.accessible_by(current_ability).for_language(current_website_language)
+ @pages = @all_pages.recent
+ @all_posts = @website.posts.accessible_by(current_ability).for_language(current_website_language)
+ @posts = @all_posts.recent
+ breadcrumb
+ end
+
+ def static
+ @about = @website
+ render layout: false
+ end
+
+ def new
+ breadcrumb
+ end
+
 def edit
 breadcrumb
 add_breadcrumb t('edit')
diff --git a/app/models/communication/website.rb b/app/models/communication/website.rb
index 5762b6d2202412cf495a28da5f7a7ac56f8880f6..34ca7bdccb365a2c034a66e6baa09ec11e018ab0 100644
--- a/app/models/communication/website.rb
+++ b/app/models/communication/website.rb
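Review bot: The new `security` action in this hunk and the `static` action in the next hunk both expose `@website` data (`static` even renders with `layout: false`), yet neither hunk loads or authorizes `@website`; that presumably happens in a before_action declared above line 7, outside the hunk, so it is worth confirming that both new action names are covered by that callback and by the ability rules, since custom member actions are not always included by default. In the `static` hunk, the action assigns `@about = @website` for the template while the template in this same commit also reads `@website` directly; picking one name would make the template's inputs explicit. A one-line comment on `static` such as `# Renders the YAML fragment consumed by the static export, without the admin layout` would also help, as the action's purpose is not inferable from its body.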
@@ -50,6 +50,7 @@ class Communication::Website < ApplicationRecord
 include WithReferences
 include WithSpecialPages
 include WithMenus # Menus must be created after special pages, so we can fill legal menu
+ include WithSecurity
 include WithStyle
 include WithTheme
 include WithUniversity
diff --git a/app/models/communication/website/with_security.rb b/app/models/communication/website/with_security.rb
new file mode 100644
index 0000000000000000000000000000000000000000..c2219ab9a6c8bd25c13d61835f9b6f18bb5014d5
--- /dev/null
+++ b/app/models/communication/website/with_security.rb
@@ -0,0 +1,48 @@
+module Communication::Website::WithSecurity
+ extend ActiveSupport::Concern
+
+ def external_domains
+ list = external_domains_default
+ list.concat external_domains_plausible
+ list.concat external_domains_from_blocks_video
+ list.concat external_domains_from_blocks_embed
+ list.uniq.compact
+ end
+
+ protected
+
+ def external_domains_default
+ [
+ 'osuny-1b4da.kxcdn.com', # KeyCDN for assets resize
+ 'demo.osuny.org', # Osuny for assets resize
+ 'osuny.s3.fr-par.scw.cloud' # Scaleway for direct assets
+ ]
+ end
+
+ def external_domains_plausible
+ list = []
+ list << URI.parse(plausible_url).host if plausible_url.present?
+ list
+ end
+
+ def external_domains_from_blocks_video
+ list = []
+ blocks.where(template_kind: :video).each do |block|
+ video_url = block.template.url
+ list << URI.parse(video_url).host if url.present?
+ end
+ list
+ end
+
+ def external_domains_from_blocks_embed
+ list = []
+ blocks.where(template_kind: :embed).each do |block|
+ code = block.template.code
+ # https://stackoverflow.com/questions/25095176/extracting-all-urls-from-a-page-using-ruby
+ code.scan(/[[:lower:]]+:\/\/[^\s"]+/).each do |url|
+ list << URI.parse(url).host
+ end
+ end
+ list
+ end
+end
\ No newline at end of file
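Review bot: In `external_domains_from_blocks_video` the guard reads `url.present?` but the value assigned on the line above is `video_url`; `url` is not a local in that method, so the line either raises NameError or, if `url` resolves to a model attribute, guards the wrong value and lets `URI.parse(nil)` raise `URI::InvalidURIError` for a video block without a URL. The same exception is reachable from `external_domains_from_blocks_embed`: the scan pattern stops only at whitespace or `"`, so an unquoted `src=` or a URL followed by `>` in editor-supplied embed code reaches `URI.parse` unchanged, and one malformed string aborts `external_domains` for both the admin security page and the static export added in this commit. Because every host collected here only ever widens an allowlist, the parsing belongs in one tolerant helper that returns nil on malformed input (the existing `.compact` in `external_domains` already drops nils) and accepts http(s) URLs only, as below; `block.template.code` also deserves a `.to_s` so a block without code does not raise. Whether `plausible_url` and `blocks` are the attribute and association they appear to be is not visible in this hunk.
```ruby
  def external_domains_from_blocks_video
    blocks.where(template_kind: :video).map do |block|
      external_host(block.template.url)
    end
  end

  def external_domains_from_blocks_embed
    blocks.where(template_kind: :embed).flat_map do |block|
      # https://stackoverflow.com/questions/25095176/extracting-all-urls-from-a-page-using-ruby
      block.template.code.to_s.scan(/[[:lower:]]+:\/\/[^\s"]+/).map { |url| external_host(url) }
    end
  end

  # Host of url when it is a parseable http(s) URL, nil otherwise
  # (nil is dropped by the compact in external_domains).
  def external_host(url)
    return nil if url.blank?
    uri = URI.parse(url)
    uri.is_a?(URI::HTTP) ? uri.host : nil
  rescue URI::InvalidURIError
    nil
  end
```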
diff --git a/app/views/admin/communication/websites/security.html.erb b/app/views/admin/communication/websites/security.html.erb
new file mode 100644
index 0000000000000000000000000000000000000000..7d5b7e0daa9d0de2725f9f3c9f22044b9c38b5ad
--- /dev/null
+++ b/app/views/admin/communication/websites/security.html.erb
@@ -0,0 +1,9 @@
+<% content_for :title, t('communication.website.security') %>
+
+<%= osuny_panel "CSP" do %>
+ <ul class="list-unstyled">
+ <% @website.external_domains.each do |domain| %>
+ <li><%= domain %></li>
+ <% end %>
+ </ul>
+<% end %>
\ No newline at end of file
diff --git a/app/views/admin/communication/websites/show.html.erb b/app/views/admin/communication/websites/show.html.erb
index e7be9bca63024a5e6f4f707ac27c34b4faf2ebf2..18bb57db469db1c10bf88f9111582942818e6c27 100644
--- a/app/views/admin/communication/websites/show.html.erb
+++ b/app/views/admin/communication/websites/show.html.erb
@@ -33,6 +33,7 @@ class: button_classes %>
 <% end %>
 <% end %>
+ <%= static_link static_admin_communication_website_path(@website) %>
 <% end %>
 <% content_for :action_bar_right do %>
diff --git a/app/views/admin/communication/websites/static.html.erb b/app/views/admin/communication/websites/static.html.erb
index 410015a86e15a217ec74db52bd2ae69810f7a879..3e04361f3358faa5b81f01b9e0220835eb6df57c 100644
--- a/app/views/admin/communication/websites/static.html.erb
+++ b/app/views/admin/communication/websites/static.html.erb
@@ -1,2 +1,6 @@
 title: >
 <%= @about.to_s %>
+external_domains:
+<% @website.external_domains.each do |domain| %>
+ - "<%= domain %>"
+<% end %>
\ No newline at end of file
diff --git a/config/locales/communication/en.yml b/config/locales/communication/en.yml
index d367f86beb6e42a846b2a39d391f87201d480a1a..5e257a9a1e51231a79eda21598aac100697fccf6 100644
--- a/config/locales/communication/en.yml
+++ b/config/locales/communication/en.yml
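Review bot: The panel title `"CSP"` in security.html.erb is a bare literal while the page title on the first line goes through `t('communication.website.security')`; a locale key for the panel would keep the two consistent and could say what the list is (hosts proposed for the allowlist, not a policy). The list also flattens the sources the model distinguishes (defaults, Plausible, video blocks, embed blocks), so an administrator reviewing it cannot tell which editor content introduced a host; a per-source heading would make the review actually useful. `external_domains` is defined in the model file added by this same commit.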
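Review bot: In static.html.erb the added `- "<%= domain %>"` line is HTML-escaped because the template is `.html.erb`, so a host containing a character that is legal in a URI reg-name but escaped by Rails (`&`, `'`) would be written into the YAML as an entity such as `a&amp;b.example` rather than the hostname. If the values are meant verbatim, the values being constrained to `URI#host` output in the model is what makes `<%= raw domain %>` acceptable here, and a short comment stating that constraint on the line would keep the next editor from widening the source without noticing; the fragment appears to be consumed by the static site export, which I infer rather than see.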
@@ -785,6 +785,7 @@ en:
 published: Published
 successful_batch_update: Posts have been updated succesfully
 unpublished: Unpublished
+ security: Security
 see_all: See the full list (%{number} elements)
 enums:
 communication:
diff --git a/config/locales/communication/fr.yml b/config/locales/communication/fr.yml
index cf157e7e98a3b4bf2a1d814aa94a3df60990d4ea..297faaea20b07d9169a2648745acc526739da14a 100644
--- a/config/locales/communication/fr.yml
+++ b/config/locales/communication/fr.yml
@@ -782,6 +782,7 @@ fr:
 published: Publiée
 successful_batch_update: Les actualités ont bien été mises à jour
 unpublished: Non publiée
+ security: Sécurité
 see_all: Voir la liste complète (%{number} éléments)
 enums:
 communication:
diff --git a/config/routes/admin/communication.rb b/config/routes/admin/communication.rb
index 03c198bee398a7926d380d7c743350a55534db43..860d470eb45a7ebad8035a2b6a698943071d59cc 100644
--- a/config/routes/admin/communication.rb
+++ b/config/routes/admin/communication.rb
@@ -5,9 +5,11 @@ namespace :communication do
 end
 resources :websites do
 member do
- get :import
 post :import
+ get :import
 get :analytics
+ get :security
+ get :static
 end
 get 'style' => 'websites/preview#style', as: :style
 get 'assets/*path' => 'websites/preview#assets'