Content-Security-Policy | default-src 'self' https: https://www.alargo.no https://www.alargo.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: https://maxcdn.bootstrapcdn.com *.hotjar.com https://cdnjs.cloudflare.com https://maps.google.com; style-src 'self' 'unsafe-inline' https: https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com https://ajax.googleapis.com https://maps.google.com; img-src 'self' https: https://www.alargo.no https://www.alargo.com http://www.globalmediaserver.com data:; font-src 'self' https: https://fonts.googleapis.com; connect-src 'self' https: *.hotjar.com wss://*.hotjar.com; media-src 'self' https:; object-src 'self' https:; child-src 'self' https: https://epayment.bbs.no https://epayment-test.bbs.no; |