Content-Security-Policy | default-src 'none';script-src 'self' localhost:* 'unsafe-inline' ajax.aspnetcdn.com www.google.com 'unsafe-eval' *.googleapis.com *.youtube.com s.ytimg.com me-twalton.store20.accesso.com *.googletagmanager.com *.google-analytics.com;style-src 'self' 'unsafe-inline' *.googleapis.com;img-src 'self' data: sw8-live.azureedge.net www.google.com placehold.it *.gstatic.com *.googleapis.com *.google-analytics.com img.youtube.com;font-src 'self' data: *.gstatic.com;connect-src 'self' localhost:* ws://localhost:*;frame-src 'self' *.youtube.com *.vimeo.com me-twalton.store20.accesso.com;media-src 'self' data: sw8-live.azureedge.net;object-src 'self' sw8-live.azureedge.net;form-action 'self'; |