Content-Security-Policy | default-src 'none';script-src 'self' 'unsafe-eval' trackcmp.net realvitur.activehosted.com *.googleapis.com *.gstatic.com *.google-analytics.com ajax.aspnetcdn.com cdn.jsdelivr.net *.yahooapis.com http://*.maps.yahoo.com cdn.rawgit.com;object-src 'self';style-src 'self' 'unsafe-inline' *.googleapis.com cdn.jsdelivr.net cdn.rawgit.com maxcdn.bootstrapcdn.com;img-src 'self' data: *.googleapis.com *.gstatic.com *.google-analytics.com cdn.jsdelivr.net http://*.solferias.com http://*.solferias.pt http://*.nortravel.pt http://*.soltour.pt http://*.jade.travel;frame-src 'self';font-src 'self' *.gstatic.com maxcdn.bootstrapcdn.com;connect-src 'self' realvitur.activehosted.com;form-action 'self';plugin-types application/pdf;report-uri /WebResource.axd?cspReport=true |