Content-Security-Policy | style-src f.fontdeck.com *.googleapis.com ajax.aspnetcdn.com hello.myfonts.net 'unsafe-inline' 'self'; script-src *.googleapis.com app.ehoundplatform.com maps.googleapis.com tinymce.cachefly.net ajax.googleapis.com www.google-analytics.com *.qantas.com.au www.adobetag.com *.qantas.demdex.net ajax.aspnetcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src cardholder.mastercardworldwide.com mtf.cardholder.mastercardworldwide.com *.fls.doubleclick.net www.youtube.com ct1.addthis.com *.qantas.demdex.net *.edentiti.com 'self'; img-src *.googleapis.com *.gstatic.com www.google-analytics.com *.qantas.com.au 'self' data:; font-src f.fontdeck.com fonts.gstatic.com 'self'; default-src 'self'; |