Web Security: Understanding Content Security Policy (CSP)
Content Security Policy (CSP) is one of the most promising countermeasures against Cross-Site Scripting (XSS) on modern browsers. CSP is a declarative policy mechanism that allows web application developers to define which client-side resources can be loaded and executed by the browser.