Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft, to site defacement, to malware distribution. To enable CSP, you need to configure your web server to return the Content-Security-Policy HTTP header.
This tool helps you create and edit a complex CSP policy more easily. If you want to test the CSP policy, you can load the CSP policy below to your web server or ModHeader.