We have a vulnerability reported on one of our hosted application
Need your support if we can achieve this using LTM policies or irules
Remediation from OEM:
Enable Content-Security-Policy response header for MPP with the following directives to mitigate XSS.
Content-Security-Policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self';