monetization-src directive within the HTTP Content-Security-Policy (CSP) allows you to restrict the URLs from which an Open Payments-enabled wallet address, such as a payment pointer, can be loaded.
The basic syntax is as follows, where
source is a serialized source list. More than one source can be allowed for the
<source> can be any one of the values listed in CSP Source Values.
A website administrator wants to restrict the URLs from which a wallet address can be loaded.
Given this CSP header:
Fetches for the following monetization source will return a network error and not load, as the URL does not match the URL defined in the CSP source list.