- A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking, and other code injection attacks resulting from execution of malicious content in the trusted web page context. CSP provides a standard method for website owners to declare approved origins of content that browsers should be allowed to load on that website—covered types are JavaScript, CSS, HTML frames, web workers, fonts, images, embeddable objects such as Java applets, ActiveX, audio and video files, and other HTML features. ← Wikipedia ↑ w3.org/TR/CSP
- More about this term (beta): Web search, articles and videos, books
- Previous term: Content projection
- Next term: Content sniffing
- Random term: SPA