- Convert your pem to pins: Link
At its core, the Content Security Policy header allows you to define where your web pages are allowed to load content from.
A mechanism web applications can use to mitigate a broad class of content injection vulnerabilities, such as cross-site scripting (XSS)
Oh, and it’s awesome.