Content Security Policy (CSP) is an additional layer of security that helps detect and protect against certain types of attacks, such as cross-site scripting (XSS), clickjacking and other code injections. The goals of attacks are usually to steal data, infect a website with malware or destroy its content.
Content Security Policy restricts third-party tools from loading code on the site and only allows downloads from approved content sources. This is why, if you want to set up CSP on your site, you’ll need to modify the tracking code and add the container domain to the allowed list in the Content Security Policy settings.
To set up the Content Security Policy mechanism, use the following guidelines: