Content-Security-Policy | default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.twitter.com https://*.twimg.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.twitter.com https://*.facebook.net https://*.twimg.com https://*.jwpcdn.com https://assets.zendesk.com/ https://internationalwaterassociation.zendesk.com https://*.zopim.com https://api.airbrake.io; font-src 'self' data: https://fonts.gstatic.com; img-src * data: blob:; frame-src 'self' https://*; connect-src 'self' wss://* ws://* https://*.zendesk.com; |