Content-Security-Policy | default-src 'self' https://web.facebook.com https://www.facebook.com https://static.olark.com https://staticxx.facebook.com http://staticxx.facebook.com http://fast.wistia.com https://fast.wistia.com https://js.driftt.com/dist/index-prod.html; script-src 'self' 'unsafe-inline' http://fast.wistia.net https://fast.wistia.net https://connect.facebook.net/ http://connect.facebook.net/en_US/sdk.js https://sdk.accountkit.com https://maxcdn.bootstrapcdn.com https://api.rollbar.com http://cdn.rawgit.com https://ajax.googleapis.com/ http://www.google-analytics.com https://code.jquery.com http://static.olark.com/ https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js http://assets.olark.com http://nrpc.olark.com https://api.olark.com https://d37gvrvc0wt4s1.cloudfront.net https://fast.wistia.com http://src.litix.io/core/2/mux.js https://src.litix.io https://js.driftt.com http://fast.wistia.com/assets/external/requireEmail-v1.js http://fast.wistia.com/assets/external/share.js https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com http://cdn.jsdelivr.net http://cdn.rawgit.com http://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com http://fonts.googleapis.com/ http://static.olark.com; font-src 'self' https://fonts.gstatic.com http://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com data: http://fonts.gstatic.com http://fast.wistia.com https://fast.wistia.com; img-src img.com data: https://web.facebook.com https://www.facebook.com/ https://www.accountkit.com https://s3-us-west-1.amazonaws.com/getloyalti/ http://log.olark.com/ http://www.google-analytics.com https://www.google-analytics.com https://www.barfoot.co.nz https://demo.getloyalti.com https://staging.getloyalti.com https://loyalti.com https://getloyalti.com http://fast.wistia.com https://fast.wistia.com https://embedwistia-a.akamaihd.net https://fg8vvsvnieiv3ej16jby.litix.io; connect-src 'self' https://fg8vvsvnieiv3ej16jby.litix.io https://embed-ssl.wistia.com http://embed-e.wistia.com https://embedwistia-a.akamaihd.net http://nrpc.olark.com https://api.rollbar.com https://distillery.wistia.com http://pipedream.wistia.com https://pipedream.wistia.com https://event.api.drift.com; media-src 'self' blob: data: http://static.olark.com/ http://embed.wistia.com https://embed-ssl.wistia.com |