What is Content Security Policy
Content-Security-Policy is the name of a HTTP response header that modern browsers use to enhance the security of the document (or web page). The Content-Security-Policy header allows you to restrict how resources such as JavaScript, CSS, or pretty much anything that the browser loads.
Content-Security-Policy is designed to mitigate and reduce the attack surface of Cross Site Scripting (XSS) attacks as well as other forms of attacks such as Click Jacking.
How to implement Content Security Policy in your marketplace
Under "Content", "Content Security Policy"
Edit the content security policy by editing the given hostname to either block or allow access.
This feature is only available on the Enterprise package. Click here to find out more about Content Security policy.