Content Security Policy
acronymweb devsecurity
Stands for: Content Security Policy (CSP)
A browser policy that restricts what a page may load and run, to blunt attacks like XSS.
A Content Security Policy lets a site declare which sources of scripts, styles, and other content are allowed, so injected malicious script is refused by the browser. It is a strong second line of defence behind proper output encoding.
Also known as: csp, content security policy