Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.smi2.ru www.directadvert.ru st.directadvert.ru top-fwz1.mail.ru openstat.net *.googleapis.com *.gstatic.com https://*.googleapis.com https://*.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://fonts.googleapis.com; object-src 'self'; img-src 'self' *.smi2.net counter.yadro.ru top-fwz1.mail.ru img.directadvert.ru openstat.net aid.xidx.org https://*.googleapis.com https://*.gstatic.com *.googleapis.com *.gstatic.com; font-src fonts.gstatic.com https://fonts.gstatic.com; |