Content-Security-Policy-Report-Only | default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: logger.scot.nhs.uk *.fontawesome.com use.typekit.net *.google.com *.google.co.uk *.googleapis.com themes.googleusercontent.com *.gstatic.com code.jquery.com yui.yahooapis.com *.bootstrapcdn.com |
NEL | {"failure_fraction": 1.0, "include_subdomains": false, "max_age": 30, "report_to": "nel-endpoint", "success_fraction": 0.0} |
Permissions-Policy | camera=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), usb=() |
Referrer-Policy | strict-origin-when-cross-origin |
Report-To | {"endpoints": [{"url": "https://web-reports.scot.nhs.uk/api/v1/nel-report"}], "group": "nel-endpoint", "include_subdomains": false, "max-age": 2592000} |
Reporting-Endpoints | default="https://web-reports.scot.nhs.uk/api/v2/default", csp-endpoint="https://web-reports.scot.nhs.uk/api/v2/csp-report" |
Server | rocket |