Content Security Policy (CSP) is a security feature that helps prevent cross-site scripting (XSS) attacks and other code injection attacks. It allows website owners to specify which sources are allowed for file inclusions, such as scripts, stylesheets, and images.
With Cradle software, when including a file from assets with the templating filter script_tag, we generate integrity hashes in the script tag to support strict levels of CSP.