...
Type | Domains | Extra* |
---|---|---|
script-src | https://*.mopinion.com | 'unsafe-inline' |
style-src | https://*.mopinion.com https://fonts.googleapis.com | |
frame-src | https://*.mopinion.com | |
connect-src | http://*.mopinion.com | |
img-src | https://*.mopinion.com | |
font-src | 'self' data: https://*.mopinion.com https://fonts.gstatic.com |
*The 'unsafe-inline' setting is only needed when the script is loaded inline in the HTML of the page. When using a tag manager or loading the script from a file ‘unsafe-inline’ can be removed from the CSP.
...