Content-Security-Policy | default-src 'none';script-src 'self' ajax.googleapis.com ajax.aspnetcdn.com http://www.google.com/recaptcha/ https://cdn.datatables.net https://www.gstatic.com/recaptcha/ https://www.google-analytics.com/analytics.js http://www.google-analytics.com/analytics.js;style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com http://fonts.googleapis.com;img-src 'self' data: https://www.google-analytics.com https://google-analytics.com;frame-src https://www.google.com/maps/ https://www.google.com/recaptcha/;font-src 'self' maxcdn.bootstrapcdn.com http://fonts.gstatic.com;connect-src 'self';form-action 'self' https://www.sandbox.paypal.com https://www.paypal.com;upgrade-insecure-requests;report-uri /WebResource.axd?cspReport=true |