2 items tagged with "csp"
A W3C security standard delivered via an HTTP header that controls which sources a browser may load, mitigating cross-site scripting and data injection attacks.
Add HSTS, frame and content-type protections, and a Content Security Policy that blocks injection while keeping your app working.