Content-Security-Policy | default-src 'none'; form-action 'self' *.jw2018.org *.dev.jw2018.org; img-src * data: filesystem: blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jw.azureedge.net http://jw.azureedge.net https://jw18.azureedge.net http://jw18.azureedge.net https://www.google-analytics.com http://www.google-analytics.com https://az416426.vo.msecnd.net http://az416426.vo.msecnd.net https://www.google.com http://www.google.com https://maps.googleapis.com http://maps.googleapis.com https://*.gstatic.com http://*.gstatic.com https://ipinfo.io http://ipinfo.io https://cdnjs.cloudflare.com http://cdnjs.cloudflare.com https://jw.azureedge.net http://jw.azureedge.net https://specialconventiondev.blob.core.windows.net http://specialconventiondev.blob.core.windows.net; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://jw.azureedge.net http://jw.azureedge.net https://jw18.azureedge.net http://jw18.azureedge.net https://www.google.com http://www.google.com https://ajax.googleapis.com http://ajax.googleapis.com https://fonts.googleapis.com http://fonts.googleapis.com https://jw.azureedge.net http://jw.azureedge.net https://specialconventiondev.blob.core.windows.net http://specialconventiondev.blob.core.windows.net; media-src 'self' https://jw.azureedge.net http://jw.azureedge.net; connect-src 'self' https://dc.services.visualstudio.com http://dc.services.visualstudio.com https://specialconventiondev.blob.core.windows.net http://specialconventiondev.blob.core.windows.net https://cdappsspecialconvent4569.blob.core.windows.net http://cdappsspecialconvent4569.blob.core.windows.net https://jw.azureedge.net http://jw.azureedge.net; font-src 'self' https://www.google.com http://www.google.com https://fonts.gstatic.com http://fonts.gstatic.com; frame-src 'self' https://www.google.com http://www.google.com https://maps.googleapis.com http://maps.googleapis.com; |