i'm a new self learner to html and now i'm learning about meta tags , and rn i'm studying about content-security-policy . i've seen that csp consist of 2 part , the directive and the value . i understand the directives but i don't understand the value .
'self' allows resources from same origin , but why people add another value? a link. what does it mean ?
<meta http-equiv="content-security-policy" content="default-src 'self' example.com *.example.com">
what does this mean and what are exactly the links? are they links for a document maybe a js document or css stylesheet? or is it a link that goes (https...etc) ? i'm new to this and i have no idea about any programming language i'm just learning about meta tag attributes so please help me and give me a good explanation about this topic because i really don't understand