CSP is a standard introduced to prevent attacks on your website. Attacks mean an XSS, clickjacking, or malicious code injection. CSP is widely supported by all the modern web browsers and it gives privilege to website owners to approve origins of content that browsers should be allowed to load on that website.