Thursday, 8 August 2013

Is it possible to prevent a page being loaded using XHR?

I want to transmit sensitive information in, say, the index.html, which
should only be accessible from JavaScript during the load time of the
page. Afterwards the JavaScript on the page should not be able to access
that data.

I can easily remove the sensitive data from the DOM on load, but I also
need to prevent the page from being loaded using XMLHttpRequest or by
scraping it from an iframe.

I can block the iframe using the X-Frame-Options header and other
frame-busting tricks, but how can I block the page from being loaded using
XHR?

The best solution I came up with is to serve the index.html with a CSP
header that doesn't include 'self' in the connect-src directive, but then I
can't XHR to any URL on my server and I need to whitelist all other
possible connect targets. There must be a better way to do it.
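Added example, not code from the original post: a small model of how a browser evaluates the connect-src directive the question proposes, so the trade-off described above can be checked without a browser. The matcher covers a subset of CSP source expressions ('none', 'self', scheme-source, host-source with optional wildcard host and port) and is an approximation of the spec's matching, not a complete implementation. The host names (app.example.com, api.partner.example) are made up for the scenario.

```javascript
// Added example (not from the original post). Approximates browser evaluation
// of connect-src for a subset of CSP source expressions; host names are made up.

// Build the header the question proposes: connect-src without 'self', listing
// only the external endpoints the page may talk to ('none' if there are none).
function buildCsp(connectTargets) {
  const connect = connectTargets.length ? connectTargets.join(" ") : "'none'";
  return `default-src 'self'; connect-src ${connect}`;
}

// Parse a serialized policy into { "directive-name": [sourceExpr, ...] }.
function parseCsp(header) {
  const policy = {};
  for (const raw of header.split(";")) {
    const tokens = raw.trim().split(/\s+/).filter(Boolean);
    if (tokens.length > 0) policy[tokens[0].toLowerCase()] = tokens.slice(1);
  }
  return policy;
}

// CSP scheme matching: identical scheme, or an http/ws expression matching its secure upgrade.
function schemeMatches(exprScheme, targetProtocol) {
  const s = exprScheme.toLowerCase() + ":";
  return s === targetProtocol ||
    (s === "http:" && targetProtocol === "https:") ||
    (s === "ws:" && targetProtocol === "wss:");
}

// Host part of a host-source: exact host, "*.example.com" for any subdomain, or "*".
function hostMatches(pattern, host) {
  if (pattern === "*") return true;
  if (pattern.startsWith("*.")) {
    const suffix = pattern.slice(1);
    return host.endsWith(suffix) && host.length > suffix.length;
  }
  return pattern === host;
}

// Does one source expression permit a connection from `page` to `target` (both URL objects)?
function sourceAllows(expr, target, page) {
  if (expr === "'none'") return false;
  if (expr === "'self'") return target.origin === page.origin;
  if (/^[a-z][a-z0-9+.-]*:$/i.test(expr)) return schemeMatches(expr.slice(0, -1), target.protocol); // scheme-source
  // host-source: [scheme://]host[:port][/path]; the path part is ignored in this approximation
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^:/]+)(?::(\*|\d+))?(?:\/.*)?$/i.exec(expr);
  if (!m) return false;
  const [, scheme, host, port] = m;
  // No scheme in the expression: the target must match the page's own scheme.
  if (!schemeMatches(scheme || page.protocol.slice(0, -1), target.protocol)) return false;
  if (!hostMatches(host.toLowerCase(), target.hostname)) return false;
  if (port === undefined) return target.port === ""; // no port given: target must use its default port
  const targetPort = target.port || (target.protocol === "https:" ? "443" : "80");
  return port === "*" || port === targetPort;
}

// Would an XHR issued by the document at `pageUrl` to `target` be allowed under `header`?
// connect-src governs XHR/fetch/WebSocket; default-src is the fallback when it is absent.
function xhrAllowed(header, pageUrl, target) {
  const policy = parseCsp(header);
  const sources = policy["connect-src"] || policy["default-src"] || [];
  const page = new URL(pageUrl);
  const abs = new URL(target, pageUrl); // resolve relative targets such as "/index.html"
  return sources.some((expr) => sourceAllows(expr, abs, page));
}

// Constructed scenario: index.html served from app.example.com with the question's policy.
const PAGE = "https://app.example.com/index.html";
const NO_SELF = buildCsp(["https://api.partner.example"]);
const WITH_SELF = "default-src 'self'; connect-src 'self' https://api.partner.example";

console.log(NO_SELF);
// Intended effect: the page cannot re-fetch its own HTML with XHR ...
console.log("XHR /index.html without 'self':", xhrAllowed(NO_SELF, PAGE, "/index.html"));
// ... but, as the question notes, it cannot reach any other same-origin URL either.
console.log("XHR /api/data without 'self':", xhrAllowed(NO_SELF, PAGE, "/api/data"));
console.log("XHR to partner API:", xhrAllowed(NO_SELF, PAGE, "https://api.partner.example/v1"));
// Putting 'self' back restores same-origin API calls but also re-enables the read of index.html.
console.log("XHR /index.html with 'self':", xhrAllowed(WITH_SELF, PAGE, "/index.html"));
```

Running it reproduces the observation in the question: with 'self' dropped from connect-src, XHR to index.html is refused, but so is XHR to every other same-origin URL, and restoring 'self' re-enables both. The check is only a model; the authoritative decision is the browser's, and the directive says nothing about requests made outside the page (curl, a proxy, another origin's server).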
