Content-Security-Policy | default-src *; frame-src 'self' https: http://*.google.com http://*.facebook.com http://*.twitter.com http://*.youtube.com http://*.sharethis.com http://*.googletagmanager.com http://*.vimeo.com http://*.sharpspring.com http://*.googleadservices.com http://*.doubleclick.net http://*.wistia.com http://*.wistia.net; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; font-src * data: ; img-src * data: ; media-src * blob: ; worker-src * 'unsafe-inline' 'unsafe-eval' blob: ; report-uri https://modsec.durkancloud.com/csp/report.php; |