Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google-analytics.com https://www.google.com connect.facebook.net https://apis.google.com https://d2wy8f7a9ursnm.cloudfront.net https://www.gstatic.com https://d32exi8v9av3ux.cloudfront.net; style-src 'self' 'unsafe-inline' https://ajax.googleapis.com https://fonts.googleapis.com https://www.google.com https://d2wy8f7a9ursnm.cloudfront.net https://www.gstatic.com https://d32exi8v9av3ux.cloudfront.net; img-src 'self' data: *.google-analytics.com https://www.google.com https://chart.googleapis.com https://www.facebook.com https://d2wy8f7a9ursnm.cloudfront.net https://d32exi8v9av3ux.cloudfront.net https://s3.amazonaws.com https://www.bitx.co https://*.googleusercontent.com https://scontent.xx.fbcdn.net; connect-src 'self' wss://ws.bitx.co wss://www.luno.com https://d32exi8v9av3ux.cloudfront.net; font-src data: https://fonts.googleapis.com https://fonts.gstatic.com https://d32exi8v9av3ux.cloudfront.net; media-src https://d2wy8f7a9ursnm.cloudfront.net; frame-src https://www.google.com https://accounts.google.com https://staticxx.facebook.com https://www.facebook.com; |