Mitigate cross-site scripting (XSS) with a strict Content Security Policy (CSP)

A very effective defense against cross-site scripting.