diff --git a/src/Controller/CspReportController.php b/src/Controller/CspReportController.php
index 6d1f3d0..fe61917 100644
--- a/src/Controller/CspReportController.php
+++ b/src/Controller/CspReportController.php
@@ -58,7 +58,8 @@ class CspReportController extends AbstractController
 || str_contains($sourceFile, 'localhost')
 || 'wasm-eval' === $blockedUri
 || 'inline' === $blockedUri && str_contains($sourceFile, 'node_modules')
- || 'about:blank' === $blockedUri;
+ || 'about:blank' === $blockedUri
+ || 'user-script' === $sourceFile;
 }
 
 /**
diff --git a/tests/Controller/CspReportControllerTest.php b/tests/Controller/CspReportControllerTest.php
index 16025fb..285f714 100644
--- a/tests/Controller/CspReportControllerTest.php
+++ b/tests/Controller/CspReportControllerTest.php
@@ -36,6 +36,25 @@ class CspReportControllerTest extends WebTestCase
 self::assertResponseStatusCodeSame(204);
 }
 
+ public function testUserScriptViolationIsIgnored(): void
+ {
+ $client = static::createClient();
+ $payload = json_encode([
+ 'csp-report' => [
+ 'source-file' => 'user-script',
+ 'blocked-uri' => 'eval',
+ 'document-uri' => 'https://e-cosplay.fr/page',
+ 'violated-directive' => 'script-src',
+ ],
+ ]);
+
+ $client->request('POST', '/my-csp-report', [], [], [
+ 'CONTENT_TYPE' => 'application/json',
+ ], $payload);
+
+ self::assertResponseStatusCodeSame(204);
+ }
+
 public function testRealViolationIsProcessed(): void
 {
 $client = static::createClient();
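Review bot: The new `|| 'user-script' === $sourceFile;` term discards a report on `source-file` alone, whereas the neighbouring rules pair a `blocked-uri` with a `source-file` condition (`'inline' === $blockedUri && str_contains($sourceFile, 'node_modules')`); since every field of a CSP report is supplied by the reporting client, a report that merely claims `source-file: user-script` now suppresses any directive and any blocked URI, so a genuine injected-script violation carrying that label is never seen. Scoping the term the way the `inline`/`node_modules` rule is scoped keeps the noise filter while still surfacing unexpected shapes, e.g. `|| ('user-script' === $sourceFile && in_array($blockedUri, ['eval', 'inline'], true))`, with the parentheses making the `&&`/`||` precedence explicit. The value also deserves a why-comment, since nothing in the predicate says where it comes from, e.g. `// 'user-script' is what some browsers report as source-file for userscript/extension-injected code — presumably noise, not a site issue; confirm against the browser docs before widening`. The enclosing method begins before this hunk, so the filter's other terms and its docblock are not visible here.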
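Review bot: `testUserScriptViolationIsIgnored` proves only that the endpoint answers 204 for a `user-script` report; if the processed path (exercised by `testRealViolationIsProcessed`, whose assertions lie outside this hunk) also answers 204, then `self::assertResponseStatusCodeSame(204);` cannot distinguish "ignored" from "processed", and a regression in the new filter term would go unnoticed. Assert on the absence of whatever side effect `testRealViolationIsProcessed` checks for (log entry, persisted report, or similar) in addition to the status code. The `json_encode([...])` call would also be safer with `json_encode([...], JSON_THROW_ON_ERROR)` so an encoding failure fails the test rather than posting `false` as the body. The test class continues past the end of this hunk.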