Dominic Allemann

### Current Behavior No CSP present: ### Proposed Behavior https://github.com/DependencyTrack/frontend/blob/master/docker/etc/nginx/conf.d/default.conf#L4 `add_header Content-Security-Policy "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self'; manifest-src 'self'" always;` ### Checklist...

### Describe the need There is no terraform ressource available to configure Code Security Configuration on org level. Therefore the current [Code Security Configuration](https://github.com/organizations/YOUR-ORG/settings/security_products) is done via UI. ### Code...