Content-Security-Policy | script-src 'self' 'unsafe-eval' ajax.googleapis.com www.googletagmanager.com www.google-analytics.com https://www.gstatic.com https://www.googleadservices.com 'nonce-6a21ac3926ad3196e172cbf4c30c558a'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://www.gstatic.com; report-uri /csp; default-src 'self'; frame-src 'self' https://www.youtube.com; img-src 'self' http://0.0.0.0:8081 *.googleusercontent.com www.google-analytics.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk *.youtube.com https://www.gstatic.com data:; font-src 'self' https://fonts.gstatic.com data http://fonts.gstatic.com data: |