An Introduction to Content Security Policy – HTML5 Rocks Mitigate the risk of cross-site scripting attacks by whitelisting trusted origins with a Content Security Policy.