Content-Security-Policy | script-src 'self' 'unsafe-eval' 'unsafe-inline' http://vk.com https://vk.com https://login.vk.com https://apis.google.com *.gstatic.com www.gstatic.com ajax.googleapis.com www.google-analytics.com connect.facebook.net platform.twitter.com mc.yandex.ru pagead2.googlesyndication.com googleads.g.doubleclick.net surfingbird.ru an.yandex.ru yandex.st userapi.com counter.rambler.ru; frame-src 'self' https://www.youtube.com www.youtube.com https://apis.google.com yastatic.net ajax.googleapis.com http://static.ak.facebook.com https://s-static.ak.facebook.com http://www.facebook.com https://www.facebook.com connect.facebook.net https://accounts.google.com platform.twitter.com googleads.g.doubleclick.net vk.com https://vk.com https://login.vk.com video.yandex.ru; report-uri /templates/beez5/csp/test.php; |