Content-Security-Policy
Using the Content-Security-Policy response header, you can control the list of URLs to use as a payment pointer via the monetization-src directive.
Directives
Fetch directives
Restricts the URLs from which a payment pointer is loaded.
Example
Given a page with the following Content Security Policy:
Content-Security-Policy: monetization-src https://example.com/
Fetches for the following code will return network errors, as the URL provided does not match monetization-src's source list:
<link rel="monetization" href="https://example.org/payment-pointer">