Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to distribution of malware.
we need this to be added so we can sleep better at night.
Custom headers, including the CSP headers, can be defined within the Security Toolkit extension.