Server | nginx/1.6.2 |
Content-Type | text/html;charset=UTF-8 |
Transfer-Encoding | chunked |
Connection | keep-alive |
X-XSS-protection | 1; mode=block |
X-Frame-Options | SAMEORIGIN |
Cache-Control | private, no-store, no-cache, must-revalidate |
Pragma | no-cache |
Content-Security-Policy | script-src 'unsafe-inline' 'unsafe-eval' 'self' *.google.com *.hypo-alpe-adria.si *.googleapis.com *.w3.org *.jcp.org *.primefaces.org *.gstatic.com |
X-Content-Security-Policy | script-src 'unsafe-inline' 'unsafe-eval' 'self' *.google.com *.hypo-alpe-adria.si *.googleapis.com *.w3.org *.jcp.org *.primefaces.org *.gstatic.com |
X-Content-Type-Options | nosniff |