Content-Security-Policy is a HTTP Response Header defines allows web site administrators to control resources the User-agent is allowed to load for a given page.

With a few exceptions, the Policy mostly involve specifying server origins and script endpoints. This helps guard against Cross-site scripting attacks (XSS).

More Information#

There might be more information for this subject on one of the following: