Skip to main content

Content-Security-Policy

Using the Content-Security-Policy response header, you can control the list of URLs to use as a payment pointer via the monetization-src directive.

Directives

Fetch directives

monetization-src

Restricts the URLs from which a payment pointer is loaded.

Example

Given a page with the following Content Security Policy:

Content-Security-Policy: monetization-src https://example.com/

Fetches for the following code will return network errors, as the URL provided does not match monetization-src's source list:

<link rel="monetization" href="https://example.org/payment-pointer">

Specifications

Browser compatibility