Content-Security-Policy | default-src 'self'; font-src https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-src 'self' https://*.vimeo.com https://js.stripe.com; connect-src 'self' https://imaging-designershow.herokuapp.com/upload https://api.stripe.com https://imaging-designershow.herokuapp.com; script-src 'self' https://js.stripe.com https://code.jquery.com https://*.google-analytics.com https://player.vimeo.com/api/player.js; img-src 'self' http://designershow.s3.amazonaws.com https://designershow.s3.amazonaws.com https://designershow.s3-us-west-2.amazonaws.com https://forms.aweber.com https://*.google-analytics.com |