Content-Security-Policy | script-src 'self' 'unsafe-eval' 'unsafe-inline' https://s.mixadvert.com www.google.com code.jquery.com http://vk.com https://vk.com https://login.vk.com https://apis.google.com https://ajax.googleapis.com ajax.googleapis.com pagead2.googlesyndication.com https://pagead2.googlesyndication.com googleads.g.doubleclick.net https://googleads.g.doubleclick.net; frame-src 'self' www.google.com https://apis.google.com ajax.googleapis.com https://www.youtube.com fresh-video.com www.youtube.com https://accounts.google.com googleads.g.doubleclick.net https://googleads.g.doubleclick.net vk.com https://login.vk.com; report-uri /csp/test.php; |