Content-Security-Policy
https://content-security-policy.com/examples/netlify/
https://docs.netlify.com/routing/headers/#syntax-for-the-headers-file
https://shopify.dev/docs/storefronts/headless/hydrogen/content-security-policy
https://tech.nri-net.com/entry/pci_dss_v40_and_csp_report
https://blog.ssrf.in/post/csp-html-webpack-plugin/