Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' api.greenhouse.io api.stripe.com api.segment.io api.lever.co *.olark.com capture.trackjs.com *.filepicker.io *.filepicker.com; font-src 'self' fonts.gstatic.com netdna.bootstrapcdn.com https://d2t0ohs52n0mx7.cloudfront.net https://d1fmtzl10xd6wi.cloudfront.net https://d2duxamr8nygjn.cloudfront.net; frame-src 'self' boards.greenhouse.io js.stripe.com *.olark.com *.filepicker.io *.filepicker.com *.vimeo.com; img-src 'self' q.stripe.com bam.nr-data.net *.s3.amazonaws.com *.olark.com usage.trackjs.com www.google-analytics.com *.filepicker.io track.hubspot.com *.filepicker.com stats.g.doubleclick.net *.google.com https://d2t0ohs52n0mx7.cloudfront.net https://d1fmtzl10xd6wi.cloudfront.net https://d2duxamr8nygjn.cloudfront.net data:; media-src 'self' *.olark.com *.filepicker.io *.filepicker.com; object-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' api.greenhouse.io boards.greenhouse.io *.stripe.com api.balancedpayments.com js.balancedpayments.com ajax.googleapis.com www.google-analytics.com cdn.segment.com js-agent.newrelic.com *.olark.com d2zah9y47r7bi2.cloudfront.net *.nr-data.net *.filepicker.io *.filepicker.com js.hs-analytics.net www.googletagmanager.com https://d2t0ohs52n0mx7.cloudfront.net https://d1fmtzl10xd6wi.cloudfront.net https://d2duxamr8nygjn.cloudfront.net; style-src 'self' 'unsafe-inline' *.olark.com netdna.bootstrapcdn.com fonts.googleapis.com *.filepicker.io *.filepicker.com https://d2t0ohs52n0mx7.cloudfront.net https://d1fmtzl10xd6wi.cloudfront.net https://d2duxamr8nygjn.cloudfront.net; |