Added support for Content-Security-Policy headers through property com.openexchange.servlet.contentSecurityPolicy in 'server.properties'. Default is null/empty string