Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.twimg.com platform.instagram.com platform.twitter.com www.gstatic.com www.google.com cdnjs.cloudflare.com npmcdn.com *.googleapis.com www.googletagmanager.com www.google-analytics.com; font-src 'self' data: fonts.gstatic.com fonts.googleapis.com maxcdn.bootstrapcdn.com; form-action 'self'; style-src 'self' 'unsafe-inline' *.googleapis.com maxcdn.bootstrapcdn.com platform.twitter.com; img-src 'self' data: www.google-analytics.com *.gstatic.com pbs.twimg.com *.twitter.com *.googleapis.com *.gravatar.com *.w.org ; frame-src 'self' www.gstatic.com fusiontables.googleusercontent.com *.google.com www.youtube.com *.youtube-nocookie.com www.facebook.com *.instagram.com w.soundcloud.com *.twitter.com wp-themes.com; |