Content-Security-Policy-Report-Only | default-src 'self' https://cdn.adonads.com yandex.ru google.com *.yandex.ru *.google.com; connect-src 'self' https://www.google-analytics.com *.yandex.ru wss: *.zopim.com; font-src 'self' dving.ru fonts.gstatic.com *.zopim.com data: application/font-woff; script-src 'self' https://ssl.google-analytics.com *.zopim.com cloud.roistat.com dev.visualwebsiteoptimizer.com www.google-analytics.com *.yandex.ru *.google.com *.googleapis.com https://*.zopim.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' fonts.googleapis.com cloud.roistat.com 'unsafe-inline'; img-src 'self' dving.ru https://ssl.google-analytics.com v2assets.zopim.io *.zopim.com www.google-analytics.com dev.visualwebsiteoptimizer.com stats.g.doubleclick.net mc.yandex.ru data: *.gravatar.com; media-src 'self' *.zopim.com; report-uri /csp-report.php |