Content-Security-Policy | default-src 'none';script-src 'self' 'unsafe-eval' localhost:* localtest:* ajax.googleapis.com maps.googleapis.com ajax.aspnetcdn.com fonts.googleapis.com fonts.gstatic.com www.youtube.com s.ytimg.com www.googletagmanager.com www.google-analytics.com https://cdnjs.cloudflare.com;style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com https://cdnjs.cloudflare.com;img-src 'self' localhost:* localtest:* data: maps.googleapis.com https://csi.gstatic.com https://maps.gstatic.com https://cdnjs.cloudflare.com www.google-analytics.com stats.g.doubleclick.net;media-src 'self';font-src 'self' maxcdn.bootstrapcdn.com fonts.googleapis.com fonts.gstatic.com;connect-src 'self';child-src *.youtube.com;form-action 'self';report-uri /WebResource.axd?cspReport=true |