W3C introduced a standard to help protect websites against XSS by adding the following meta tag to the website response generated by a server:
Content-Security-Policy: script-src 'self'; object-src 'none'
References:
W3C introduced a standard to help protect websites against XSS by adding the following meta tag to the website response generated by a server:
Content-Security-Policy: script-src 'self'; object-src 'none'
References: