Document directive

CSP document directives are used in a Content-Security-Policy header and govern the properties of a document or worker environment to which a policy applies.

Document directives don't fall back to the default-src directive.

List of CSP document directives

Restricts the URLs which can be used in a document's <base> element.
Restricts the set of plugins that can be embedded into a document by limiting the types of resources which can be loaded.
Enables a sandbox for the requested resource similar to the <iframe> sandbox attribute.
Ensures a resource will disown its opener when navigated to.