SoftwareTestPilot

Advanced – Security Testing

Content Security Policy (CSP) – ISTQB Definition

Last Updated: July 12, 2026 · SoftwareTestPilot QA Team

Official ISTQB Definition

An HTTP response header that restricts sources for scripts, styles, images, and other resources to mitigate XSS.

In simple words

A browser policy that blocks scripts and resources from unapproved sources.

Exam tip

CSP is a primary defense against XSS — testers verify report-only vs. enforce modes.

Related terms

Practice this term in the ISTQB Mock Test

40 CTFL v4.0 questions, 60-minute timer, instant scoring and chapter-wise breakdown.

Practice in Mock Test