Content-Security-Policy | default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.sitecore.net https://*.google.com https://*.gstatic.com *.google-analytics.com https://js-agent.newrelic.com https://bam.nr-data.net *.googleapis.com https://*.edialog24.com https://*.edialog24.no https://edialog24.no https://tb.de17a.com https://track.adform.net https://connect.facebook.net https://googleads.g.doubleclick.net https://www.googleadservices.com https://www.googletagmanager.com;style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css https://hello.myfonts.net/count/2637c7 https://fonts.googleapis.com https://*.edialog24.no https://tagmanager.google.com;img-src 'self' * data:;frame-src 'self' https://*.google.com *.youtube.com *.vimeo.com *.morningstar.com *.portalbank.no http://*.sitecore.net https://*.doubleclick.net https://*.adform.net https://www.google.se https://www.google.no https://www.googletagmanager.com;font-src 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com;connect-src 'self' http://*.sitecore.net;report-uri /WebResource.axd?cspReport=true |