Content Security Policy (CSP) not implemented

[nutjob4life]

🐛 Describe the Bug

Content Security Policy (CSP) is an added layer of security that helps to mitigate mainly Cross-site Scripting attacks. It is not currently used by P5 but should be.

Although we pass security scans, this is a "low" security vulnerability that should be addressed increase security and reduce the "noise" in security scans that have to be parsed to find the more pressing issues.