| Content-Security-Policy | default-src 'self'; connect-src 'self' ws://*.onemodel.us ws://onemodel.us https://*.s3.amazonaws.com/uploaded/ https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com; child-src 'self' https://share.intercom.io https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; font-src 'self' https://js.intercomcdn.com; media-src 'self' https://js.intercomcdn.com; img-src 'self' blob: https://prod-stack-publicassetsbucket-16big4jc6lpns.s3.amazonaws.com https://*.onemodel.us/ data: https://js.intercomcdn.com https://static.intercomassets.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; style-src 'self' 'unsafe-inline' |