Content Security Policy
Content Security Policy (CSP) is supported in all modern browsers and protects against XSS by whitelisting allowed sources of script, style, media and other resources when you visit a website.
To have this kind of protection, the CSP configurations need to be done in the web server configurations and is a special response header (Content-Security-Policy) sent from the server back to the browser, when a page is requested.
We have taken these extra security measures to make sure our CSP configurations are as strict as possible by whitelisting only internal resources, and thereby blacklisting any kind of external loading of resources in the client’s browser when visiting our website and using our services, and therefore enforce our user’s privacy.
There is a really good chance that your browser supports CSP, but you can verify it here: http://caniuse.com/#feat=contentsecuritypolicy
More information about Content Security Policy: