Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://*.googleapis.com https://www.googleadservices.com https://www.youtube.com https://*.google.com https://www.googletagmanager.com https://connect.facebook.net https://www.gstatic.com https://platform.twitter.com https://assets.pinterest.com https://log.pinterest.com https://vimeo.com http://connect.facebook.net https://pi-live.sagepay.com/; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://maxcdn.bootstrapcdn.com; img-src 'self' data: https://img.youtube.com https://csi.gstatic.com https://*.googleapis.com https://maps.gstatic.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://www.google.com https://www.google.co.uk https://ssl.gstatic.com https://*.pinterest.com https://s-passets.pinimg.com https://www.facebook.com https://syndication.twitter.com https://i.vimeocdn.com https://www.gravatar.com https://dashboard.umbraco.org https://secure.adnxs.com https://stats.g.doubleclick.net https://tlg.mookie1.com https://t.mookie1.com https://gb-gmtdmp.mookie1.com; font-src 'self' https://fonts.gstatic.com https://maxcdn.bootstrapcdn.com; frame-src 'self' https://4735852.fls.doubleclick.net https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.co.uk https://www.youtube.com https://s-static.ak.facebook.com https://staticxx.facebook.com https://www.facebook.com https://platform.twitter.com https://assets.pinterest.com https://player.vimeo.com http://staticxx.facebook.com https://pi-live.sagepay.com; connect-src 'self' https://vimeo.com https://www.gravatar.com; |