Cache-Control | no-cache, no-store, must-revalidate |
Content-Type | text/html; charset=utf-8 |
Content-Security-Policy | script-src 'unsafe-eval' 'unsafe-inline' 'self' https://serverapi.arcgisonline.com *.cornexchangetest.gov.uk *.exetercornexchange.co.uk *.google-analytics.com *.siteimprove.com https://siteimproveanalytics.com *.spektrix.com *.twitter.com *.twimg.com https://content.govdelivery.com *.whoson.com; object-src 'self'; style-src 'self' 'unsafe-inline' https://serverapi.arcgisonline.com *.twitter.com; img-src 'self' data: *.twitter.com *.twimg.com *.cornexchangetest.gov.uk *.exetercornexchange.co.uk *.google-analytics.com https://content.govdelivery.com https://serverapi.arcgisonline.com *.siteimprove.com *.whoson.com; media-src 'self'; font-src 'self'; connect-src *.cornexchangetest.gov.uk *.exetercornexchange.co.uk 'self' *.google-analytics.com *.siteimprove.com *.whoson.com; form-action 'self' *.cornexchangetest.gov.uk *.exetercornexchange.co.uk; frame-ancestors 'none'; |
X-MiniProfiler-Ids | ["dc89521c-c8c6-4b4d-a305-30af204e657a"] |
X-Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
Strict-Transport-Security | max-age=31536000; |
X-Permitted-Cross-Domain-Policies | master-only |
Content-Length | 48143 |