Modern Web applications can protect from XSS attacks by adding a CSP header. this header allows to define client side code execution security policy that is stronger than a generic X-XSS-PROTECTION header.

Our customers demand that portals under our domains (such as Document360) will be protected with CSP headers.