diff --git a/NAMESPACE b/NAMESPACE
index d0641dd..20058f5 100644
--- a/NAMESPACE
+++ b/NAMESPACE
@@ -35,6 +35,7 @@ export(check_wildcards)
 export(fetch_csp)
 export(has_csp)
 export(parse_csp)
+export(valid_csp_directives)
 export(validate_csp)
 import(rJava)
 importFrom(httr,GET)
diff --git a/R/aaa.R b/R/aaa.R
new file mode 100644
index 0000000..8c51b0b
--- /dev/null
+++ b/R/aaa.R
@@ -0,0 +1,17 @@
+#' Valid CSP Directives
+#'
+#' A character vector of valid CSP directives as per
+#' Content Security Policy Level 3 W3C Working Draft, 15 October 2018
+#' ().
+#'
+#' @docType data
+#' @keywords datasets
+#' @export
+c(
+  "base-uri", "block-all-mixed-content", "child-src", "connect-src",
+  "default-src", "font-src", "form-action", "frame-ancestors", "frame-src",
+  "img-src", "manifest-src", "media-src", "object-src", "prefetch-src",
+  "plugin-types", "report-uri", "report-to", "require-sri-for", "sandbox",
+  "script-src", "script-src-attr", "script-src-elem", "style-src",
+  "style-src-attr", "style-src-elem", "upgrade-insecure-requests", "worker-src"
+) -> valid_csp_directives
\ No newline at end of file
diff --git a/R/findings.R b/R/findings.R
index dfce83b..bc4fc88 100644
--- a/R/findings.R
+++ b/R/findings.R
@@ -150,12 +150,12 @@ check_missing_directives <- function(csp_df) {
   }
 
   if (object_src_not_none) {
-    if (nrow(none) == 0) none <- data.frame(directive = "object-src", value = NA_character_)
+    if (nrow(object_src) == 0) object_src <- data.frame(directive = "object-src", value = NA_character_)
     findings[[length(findings)+1]] <- mk_finding(
-      category = "missing-directive",
+      category = "weak-directive",
       severity = "POSSIBLY-HIGH",
       message = "Can you restrict object-src to 'none'?",
-      where = none
+      where = object_src
     )
   }
 
diff --git a/man/valid_csp_directives.Rd b/man/valid_csp_directives.Rd
new file mode 100644
index 0000000..8d14b4f
--- /dev/null
+++ b/man/valid_csp_directives.Rd
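Review bot: The parenthesised reference on the roxygen line `#' ().` in R/aaa.R is empty, while the man page generated in this same commit carries `\url{https://www.w3.org/TR/CSP3/#iana-registry}`; unless the angle-bracket link was merely lost in rendering, the line should read `#' (<https://www.w3.org/TR/CSP3/#iana-registry>).` so the exported allow-list documents its source. Two points of style on the same block: the right-arrow assignment `) -> valid_csp_directives` is flagged by lintr and the tidyverse guide, so prefer opening with `valid_csp_directives <- c(` and closing with a bare `)`, and the file is missing its trailing newline. Since this vector is presumably what the package's validation compares directive names against, a short comment stating that it is pinned to the 15 October 2018 draft and that it knowingly mixes deprecated entries such as `report-uri` (superseded by `report-to`) with current ones would tell a maintainer that stale-looking entries are intentional and that consumers cannot distinguish deprecated from current directives from this list alone.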
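Review bot: The new guard `if (nrow(object_src) == 0)` in R/findings.R errors with "argument is of length zero" if `object_src` is ever `NULL` instead of a zero-row data frame, because `nrow(NULL)` returns `NULL`; `object_src` is bound above this hunk, so if it can be `NULL` the guard should be `if (is.null(object_src) || nrow(object_src) == 0)`. The same replacement line runs well past 80 columns and reads better with the condition on one line and the `data.frame(directive = "object-src", value = NA_character_)` fallback on the next. The finding is now categorised `weak-directive` yet is emitted from `check_missing_directives`, so a comment such as `# object-src present but not 'none' is reported as a weak directive; the NA placeholder row appears to cover the absent case` would explain why it lives here. The enclosing function both starts and ends outside the hunk, so the definition of `object_src_not_none` could not be checked.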
@@ -0,0 +1,16 @@
+% Generated by roxygen2: do not edit by hand
+% Please edit documentation in R/aaa.R
+\docType{data}
+\name{valid_csp_directives}
+\alias{valid_csp_directives}
+\title{Valid CSP Directives}
+\format{An object of class \code{character} of length 27.}
+\usage{
+valid_csp_directives
+}
+\description{
+A character vector of valid CSP directives as per
+Content Security Policy Level 3 W3C Working Draft, 15 October 2018
+(\url{https://www.w3.org/TR/CSP3/#iana-registry}).
+}
+\keyword{datasets}