Content-Security-Policy | default-src 'self' https://www.google-analytics.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://www.google-analytics.com/analytics.js http://maps.googleapis.com/ http://connect.facebook.net/en_US/sdk.js http://platform.twitter.com/widgets.js https://platform.twitter.com/js/ http://browser-update.org/update.min.js; style-src 'self' 'unsafe-inline' http://fonts.googleapis.com/; img-src 'self' data: http://www.google-analytics.com/ http://csi.gstatic.com/ http://maps.gstatic.com/ http://maps.googleapis.com/ http://khm0.googleapis.com/ http://khm1.googleapis.com/ https://www.facebook.com/ https://syndication.twitter.com/; font-src 'self' http://fonts.gstatic.com/; frame-src 'self' http://maps.google.com/maps https://www.google.com/maps/ https://www.facebook.com/ http://staticxx.facebook.com/ https://staticxx.facebook.com/ http://platform.twitter.com/ https://syndication.twitter.com/; |