Constant http::header::CONTENT_SECURITY_POLICY [−][src]
pub const CONTENT_SECURITY_POLICY: HeaderName=
HeaderName{inner: Repr::Standard(StandardHeader::ContentSecurityPolicy),}
Allows controlling resources the user agent is allowed to load for a given page.
With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross-site scripting attacks (XSS).