Add a content security policy

A content security policy (CSP) adds an important layer of security to your web app by helping to mitigate cross-site scripting and data injection attacks. It enforces what content is loaded in your app. This includes images, CSS, fonts, scripts, network requests, and more.

This guide describes how you can set up and customize a CSP for your site.