diff --git a/server/bootstrap/src/org/labkey/filters/ContentSecurityPolicyFilter.java b/server/bootstrap/src/org/labkey/filters/ContentSecurityPolicyFilter.java
new file mode 100644
index 0000000000..59468201a7
--- /dev/null
+++ b/server/bootstrap/src/org/labkey/filters/ContentSecurityPolicyFilter.java
@@ -0,0 +1,26 @@
+package org.labkey.filters;
+
+import jakarta.servlet.Filter;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.FilterConfig;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.ServletRequest;
+import jakarta.servlet.ServletResponse;
+import java.io.IOException;
+
+/**
+ * A no-op CSP filter that gets applied (for now) to extra webapps
+ */
+public class ContentSecurityPolicyFilter implements Filter
+{
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException
+    {
+    }
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException
+    {
+        chain.doFilter(request, response);
+    }
+}