Content Security Policy (CSP) is a security feature used by websites to control which resources - such as scripts, images, or stylesheets - can be loaded and executed in a user's browser. By defining a set of rules, CSP helps prevent attacks like cross-site scripting (XSS) and data injection by blocking unauthorized or malicious content from running. Website owners specify these rules in HTTP headers or HTML tags, making it harder for attackers to exploit vulnerabilities. CSP is an important tool for improving web security and protecting users from harmful content.