Content-Security-Policy | default-src 'self' *.youtube.com https://staticxx.facebook.com *.facebook.com; style-src 'self' 'unsafe-inline' *.typekit.net https://use.typekit.net *.googleapis.com http://netdna.bootstrapcdn.com; script-src 'self' 'unsafe-inline' http://s3-eu-west-1.amazonaws.com *.typekit.net https://use.typekit.net https://www.google-analytics.com *.google-analytics.com *.google.com *.googleapis.com *.facebook.net; font-src 'self' data:; img-src 'self' *.youtube.com https://www.google-analytics.com *.google-analytics.com *.gstatic.com https://p.typekit.net *.typekit.net *.google.com *.googleapis.com https://www.facebook.com *.facebook.com data:; report-uri https://htmlkodercom.report-uri.io/r/default/csp/enforce; |