Issue: Missing "Content-Security-Policy" header

Description:

Content Security Policy (CSP) is a web security standard that helps to mitigate attacks like cross-site scripting (XSS), clickjacking or mixed content issues.

Remediation:

This issue can be mitigated in ZIETrans applications by setting "Content-Security-Policy".

Refer to below link for more information about Content-Security-Policy :

Enable XSS Protection