Content Security Policy (CSP) is often used as a part of a defense in depth based approach to prevent common web vulnerabilities.
With this change, a user can setup their own CSP through an optional site parameter "csp".
If the parameter is set, a meta element is added to the page which contains the user's policy.
Content Security Policy (CSP) is often used as a part of a defense in depth based approach to prevent common web vulnerabilities.
With this change, a user can setup their own CSP through an optional site parameter "csp". If the parameter is set, a meta element is added to the page which contains the user's policy.
More info on CSP is available on MDN: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP