Content-Security-Policy | base-uri https://fr.pronocontest.com; default-src 'self'; script-src 'self' https://s3.eu-west-3.amazonaws.com https://maps.googleapis.com blob: https://fr.pronocontest.com https://www.pronocontest.com https://cdn.pronocontest.net https://www.google.com https://cdn.tinymce.com https://www.google-analytics.com 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com https://apis.google.com https://connect.facebook.net https://stats.g.doubleclick.net; img-src 'self' https://cdn.pronocontest.net https://s3.eu-west-3.amazonaws.com https://csi.gstatic.com https://maps.googleapis.com https://maps.gstatic.com http://cdn.tinymce.com data: https://secure.gravatar.com https://www.google-analytics.com https://www.facebook.com https://web.facebook.com/ https://stats.g.doubleclick.net; style-src 'self' https://s3.eu-west-3.amazonaws.com https://fonts.googleapis.com https://cdn.tinymce.com https://cdn.pronocontest.net 'unsafe-inline'; font-src 'self' https://s3.eu-west-3.amazonaws.com https://cdn.tinymce.com https://cdn.pronocontest.net https://fonts.gstatic.com https://fonts.googleapis.com data:; child-src 'self' https://s3.eu-west-3.amazonaws.com https://www.facebook.com https://web.facebook.com/ https://s-static.ak.facebook.com https://plusone.google.com https://apis.google.com https://staticxx.facebook.com https://accounts.google.com https://www.google.com ; connect-src 'self' https://apis.google.com; object-src 'self' blob: |