Content-Security-Policy-Report-Only | base-uri 'self'; default-src 'none'; child-src 'self'; connect-src 'self' https://*.google-analytics.com https://sentry.io https://stats.g.doubleclick.net https://www.facebook.com; font-src 'self' https://fonts.gstatic.com https://hello.myfonts.net data:; |
Permissions-Policy | accelerometer=('none'), ambient-light-sensor=('none'), autoplay=('self'), battery=('none'), camera=('none'), display-capture=('self' *), encrypted-media=('self'), fullscreen=('self'), geolocation=('none'), interest-cohort=('none') |
Referrer-Policy | same-origin |
Server | nginx |
X-Content-Security-Policy-Report-Only | base-uri 'self'; default-src 'none'; child-src 'self'; connect-src 'self' https://*.google-analytics.com https://sentry.io https://stats.g.doubleclick.net https://www.facebook.com; font-src 'self' https://fonts.gstatic.com https://hello.myfonts.net data:; |
X-WebKit-CSP-Report-Only | base-uri 'self'; default-src 'none'; child-src 'self'; connect-src 'self' https://*.google-analytics.com https://sentry.io https://stats.g.doubleclick.net https://www.facebook.com; font-src 'self' https://fonts.gstatic.com https://hello.myfonts.net data:; |