| Content-Security-Policy | default-src 'self'; script-src 'self' https: *.happydoctor.ru *.yandex.ru *.yandex.net yandex.st *.googlesyndication.com *.google-analytics.com *.doubleclick.net *.gstatic.com *.google.com *.googleapis.com *.acint.net directstat.ru 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https: *.happydoctor.ru *.google.com *.googleapis.com; img-src 'self' https: data: *.2mdn.net *.happydoctor.ru directstat.ru *.doubleclick.net counter.yadro.ru *.tns-counter.ru *.acint.net *.yandex.ru *.yandex.net yastatic.net *.gstatic.com *.google.com *.googlesyndication.com *.google-analytics.com yandex.st *.feedburner.com; media-src 'self'; frame-src 'self' https: *.video.mail.ru videoapi.my.mail.ru yastatic.net *.yandex.ru www.youtube.com video.rutube.ru rutube.ru *.2mdn.net *.doubleclick.net yandex.st *.google.com www.slideshare.net; font-src 'self' https: fonts.gstatic.com; object-src 'self' https: *.youtube.com *.youtube-nocookie.com video.rutube.ru rutube.ru *.googlevideo.com *.ytimg.com *.googleapis.com *.gstatic.com *.googlesyndication.com; connect-src 'self' https: *.googleapis.com *.rutube.ru *.googlevideo.com mc.yandex.ru *.google-analytics.com; report-uri //cspbuilder.info/report/931886689310330013/ |