pavex::http::header

Constant CONTENT_SECURITY_POLICY

pub const CONTENT_SECURITY_POLICY: HeaderName;
Expand description

Allows controlling resources the user agent is allowed to load for a given page.

With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross-site scripting attacks (XSS).