Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware
- https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
- https://dotnetthoughts.net/implementing-content-security-policy-in-aspnetcore/
- https://code-maze.com/aspnetcore-content-security-policy/
- https://www.meziantou.net/security-headers-in-asp-net-core.htm
- https://blog.sucuri.net/2023/04/how-to-set-up-a-content-security-policy-csp-in-3-steps.html