If the content-security-policy is ineffective, a pop-up dialog box will appears. If there is no dialog box, then CSP is working correctly.
As a double-check, open the Developer Console in your web-browser and verify that two CSP violations were detected and blocked.