This will help prevent cross-site scripting: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
This will help prevent cross-site scripting: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP