Content-Security-Policy | default-src 'self' data: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.hotjar.com https: wss:; font-src 'self' https: data:; script-src 'self' *.googleadservices.com *.googletagmanager.com *.google.com *.google-analytics.com *.facebook.com *.fbcdn.net *.facebook.net platform.twitter.com disqus.com *.disqus.com *.disquscdn.com *.hotjar.com https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' *.googleadservices.com *.google.com *.gstatic.com *.paypal.com disqus.com *.disqus.com *.disquscdn.com *.gravatar.com data: https:; frame-src 'self' *.googletagmanager.com *.google.com *.facebook.com platform.twitter.com disqus.com *.disqus.com https:; style-src 'self' tagmanager.google.com https: 'unsafe-inline'; |