Content Security Policy (CSP)

[SoniEx2]

Is your feature request related to a problem? Please describe.

Sometimes developers make mistakes and those mistakes can enable XSS.

Describe the solution you'd like

CSP is an important tool in limiting the scope of such mistakes, and preventing many common forms of XSS.

Describe alternatives you've considered

Nothing can really replace CSP, tho alternatives can certainly seem more convenient.

Additional context

This is related to modrinth previously allowing javascript: URLs in mod metadata (license, homepage, etc).