Content-Security-Policy-Report-Only | default-src *; style-src 'self' *.episerver.net *.easyresearch.se 'unsafe-inline'; script-src 'self' imp.nowinteract.com customerzone-nowinteractnordi.netdna-ssl.com *.easyresearch.se *.googleapis.com *.webtrends.com *.webtrendslive.com *.googletagmanager.com *.google.se *.google-analytics.com *.googleadservices.com *.adform.net *.adtraction.com *.addthis.com *.compricer.se *.ica.se *.facebook.com connect.facebook.net *.g.doubleclick.net 'unsafe-inline' 'unsafe-eval'; object-src 'self'; report-uri /secure/services/cspReport.ashx; |