Content-Security-Policy | base-uri 'self'; connect-src *; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com; font-src 'self' data: https://*.google.com https://*.googleapis.com https://*.gstatic.com; form-action 'self'; frame-ancestors 'self' https://gofile.me http://gofile.me; frame-src 'self' data: blob: https://*.synology.com http://*.synology.com; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com; media-src 'self' data: about:; report-uri webman/csp_report.cgi; script-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://*.google.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://*.google.com https://*.googleapis.com; |