An Introduction to Content Security Policy
While script resources are the most obvious security risks, CSP provides a rich set of policy directives that enable fairly granular control over the resources that a page is allowed to load. You’ve already seen
script-src, so the concept should be clear. Let’s quickly walk through the rest of the resource directives:
source:
$link[host]
Read Original Source