Mitigate cross-site scripting attacks by only allowing certain sources of script, style, and other resources.