Server | Jetty(9.3.5.v20151012) |
Access-Control-Allow-Origin | * |
Access-Control-Allow-Methods | POST, GET, OPTIONS |
Access-Control-Expose-Headers | cache-control,content-type,encoding |
Access-Control-Max-Age | 86400 |
X-UA-Compatible | IE=edge |
Content-Security-Policy | default-src 'self'; script-src 'self' www.google.com www.google-analytics.com code.jquery.com api.flickr.com ajax.googleapis.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' blob: interceptum.com www.google-analytics.com data:; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com; |
X-Frame-Options | SAMEORIGIN |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Content-Type | text/html;charset=utf-8 |
Content-Language | en |
Cache-Control | no-cache |
Vary | Accept-Encoding,User-Agent |
Content-Encoding | gzip |
Connection | close |