Cache-Control | public, max-age=8139 |
Content-Type | text/html; charset=utf-8 |
Content-Encoding | gzip |
Expires | Sat, 07 Nov 2015 00:17:33 GMT |
Last-Modified | Fri, 06 Nov 2015 21:17:33 GMT |
Vary | * |
P3P | CP="This site does not have a p3p policy." |
Strict-Transport-Security | max-age=31536000 |
X-Frame-Options | SameOrigin |
X-Content-Type-Options | nosniff |
X-Download-Options | noopen |
X-XSS-Protection | 1; mode=block |
Content-Security-Policy | script-src 'self' 'unsafe-inline' 'unsafe-eval' *.signere.no *.unipluss.no *.bankid.no api.filepicker.io oss.maxcdn.com signereanalytics.azurewebsites.net www.google-analytics.com; object-src 'self' *.signere.no *.unipluss.no; style-src 'self' 'unsafe-inline' signerecommon.blob.core.windows.net az280641.vo.msecnd.net *.signere.no *.unipluss.no fonts.googleapis.com maxcdn.bootstrapcdn.com oss.maxcdn.com; img-src 'self' signerecommon.blob.core.windows.net signereunittest.blob.core.windows.net *.signere.no az280641.vo.msecnd.net www.filepicker.io data: www.google-analytics.com signereanalytics.azurewebsites.net signere-blog.azurewebsites.net; media-src 'none'; frame-src 'self' dialog.filepicker.io www.filepicker.io maps.google.no www.google.com tools.bankid.no www.youtube.com *.signere.no *.unipluss.no; font-src 'self' *.signere.no *.unipluss.no themes.googleusercontent.com fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com |
Access-Control-Allow-Origin | https://www.signere.no |
Access-Control-Allow-Headers | * |
Access-Control-Allow-Credentials | true |
Access-Control-Allow-Methods | GET, POST, PUT, OPTIONS |