Skip to content

Commit

Permalink
csp update again funding choices
Browse files Browse the repository at this point in the history
  • Loading branch information
@mikeyfe6
mikeyfe6 committed Sep 15, 2024
1 parent 74a6212 commit 13f922b
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion netlify.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ for = "/*"
Access-Control-Allow-Origin = "https://facebook.com"
Vary = "Origin"

Content-Security-Policy = "default-src 'self' js-eu1.hsadspixel.net js-eu1.hscollectedforms.net js-eu1.usemessages.com js-eu1.hs-banner.com js-eu1.hs-analytics.net snap.licdn.com disqus.com c.disquscdn.com cdnjs.cloudflare.com connect.facebook.net www.google-analytics.com www.googletagmanager.com; script-src 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' js-eu1.hsadspixel.net js-eu1.usemessages.com js.hs-scripts.com adservice.google.ae a.disquscdn.com vidstat.taboola.com js-eu1.hscollectedforms.net js-eu1.hs-banner.com js-eu1.hs-analytics.net js-eu1.hs-scripts.com sb.scorecardresearch.com gum.criteo.com cdn.taboola.com cdn.ampproject.org snap.licdn.com adservice.google.com adservice.google.nl c.disquscdn.com connect.facebook.net d33wubrfki0l68.cloudfront.net menefex.disqus.com links.services.disqus.com maps.googleapis.com pagead2.googlesyndication.com partner.googleadservices.com tpc.googlesyndication.com unpkg.com www.google-analytics.com www.google.com www.googletagmanager.com www.googletagservices.com www.gstatic.com; style-src 'report-sample' 'self' 'unsafe-inline' data: www.gstatic.com translate.googleapis.com cdnjs.cloudflare.com fonts.googleapis.com c.disquscdn.com vidstat.taboola.com; object-src 'none'; base-uri 'self'; connect-src 'self' googleads.g.doubleclick.net www.google.com adservice.google.com api-eu1.hubapi.com js-eu1.hsadspixel.net code.cdn.mozilla.net js.hs-scripts.com js-eu1.usemessages.com api-eu1.hubspot.com px.ads.linkedin.com vast.aniview.com forms-eu1.hscollectedforms.net gum.criteo.com cdn.linkedin.oribi.io translate.googleapis.com cdn.ampproject.org a.disquscdn.com tpc.googlesyndication.com js-eu1.hs-analytics.net js-eu1.hscollectedforms.net am-vid-events.taboola.com web.ssp.yahoo.com socialplugin.facebook.net wf.taboola.com am-wf.taboola.com region1.analytics.google.com js-eu1.hs-banner.com forms-eu1.hubspot.com region1.google-analytics.com web.facebook.com js-eu1.hs-scripts.com pips.taboola.com cds.taboola.com am-trc-events.taboola.com 15.taboola.com www.facebook.com trc.taboola.com trc-events.taboola.com reporting.services.disqus.com tempest.services.disqus.com snap.licdn.com disqus.com c.disquscdn.com maps.gstatic.com feedburner.google.com s3.feedly.com menefex.disqus.com images.ctfassets.net maps.googleapis.com www.gstatic.com unpkg.com fonts.gstatic.com i.postimg.cc connect.facebook.net d33wubrfki0l68.cloudfront.net cdnjs.cloudflare.com fonts.googleapis.com analytics.google.com links.services.disqus.com pagead2.googlesyndication.com stats.g.doubleclick.net www.google-analytics.com www.google.nl; font-src 'self' data: chrome-extension fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' td.doubleclick.net app-eu1.hubspot.com www.googletagmanager.com tsdtocl.com gum.criteo.com imprammp.taboola.com am-match.taboola.com tempest.services.disqus.com disqus.com googleads.g.doubleclick.net open.spotify.com pagead2.googlesyndication.com tpc.googlesyndication.com web.facebook.com www.facebook.com www.google.com; img-src 'self' data: www.google.fr www.google.com.tr track.hubspot.com www.google.co.id www.google.com.ng www.google.co.ke fonts.gstatic.com www.google.lk www.google.cz www.google.pl www.google.co.ug www.google.ae csm.nl.eu.criteo.net translate.google.com vidstatb.taboola.com trc.taboola.com vidstat.taboola.com connect.facebook.net am-vid-events.taboola.com www.google.co.uk track-eu1.hubspot.com forms-eu1.hsforms.com region1.google-analytics.com www.soolide.com sb.scorecardresearch.com images.taboola.com i.ytimg.com content-cdn.tipsenweetjes.nl am-trc-events.taboola.com trc-events.taboola.com ce.lijit.com cdn.taboola.com px4.ads.linkedin.com www.linkedin.com px.ads.linkedin.com www.google.es stats.g.doubleclick.net www.googletagmanager.com d33wubrfki0l68.cloudfront.net www.google.co.in www.gstatic.com cdn.viglink.com links.services.disqus.com c.disquscdn.com referrer.disqus.com feedburner.google.com i.postimg.cc images.ctfassets.net maps.googleapis.com maps.gstatic.com pagead2.googlesyndication.com s3.feedly.com www.facebook.com www.google-analytics.com www.google.com www.google.nl www.google.be; manifest-src 'self'; media-src 'self' cdn.taboola.com videos.taboola.com; worker-src 'self'; form-action 'self' www.facebook.com; frame-ancestors 'self' https:; upgrade-insecure-requests; report-uri https://menefex.report-uri.com/r/d/csp/wizard; report-to default;"
Content-Security-Policy = "default-src 'self' js-eu1.hsadspixel.net js-eu1.hscollectedforms.net js-eu1.usemessages.com js-eu1.hs-banner.com js-eu1.hs-analytics.net snap.licdn.com disqus.com c.disquscdn.com cdnjs.cloudflare.com connect.facebook.net www.google-analytics.com www.googletagmanager.com; script-src 'report-sample' 'self' 'unsafe-eval' 'unsafe-inline' fundingchoicesmessages.google.com js-eu1.hsadspixel.net js-eu1.usemessages.com js.hs-scripts.com adservice.google.ae a.disquscdn.com vidstat.taboola.com js-eu1.hscollectedforms.net js-eu1.hs-banner.com js-eu1.hs-analytics.net js-eu1.hs-scripts.com sb.scorecardresearch.com gum.criteo.com cdn.taboola.com cdn.ampproject.org snap.licdn.com adservice.google.com adservice.google.nl c.disquscdn.com connect.facebook.net d33wubrfki0l68.cloudfront.net menefex.disqus.com links.services.disqus.com maps.googleapis.com pagead2.googlesyndication.com partner.googleadservices.com tpc.googlesyndication.com unpkg.com www.google-analytics.com www.google.com www.googletagmanager.com www.googletagservices.com www.gstatic.com; style-src 'report-sample' 'self' 'unsafe-inline' data: www.gstatic.com translate.googleapis.com cdnjs.cloudflare.com fonts.googleapis.com c.disquscdn.com vidstat.taboola.com; object-src 'none'; base-uri 'self'; connect-src 'self' googleads.g.doubleclick.net www.google.com adservice.google.com api-eu1.hubapi.com js-eu1.hsadspixel.net code.cdn.mozilla.net js.hs-scripts.com js-eu1.usemessages.com api-eu1.hubspot.com px.ads.linkedin.com vast.aniview.com forms-eu1.hscollectedforms.net gum.criteo.com cdn.linkedin.oribi.io translate.googleapis.com cdn.ampproject.org a.disquscdn.com tpc.googlesyndication.com js-eu1.hs-analytics.net js-eu1.hscollectedforms.net am-vid-events.taboola.com web.ssp.yahoo.com socialplugin.facebook.net wf.taboola.com am-wf.taboola.com region1.analytics.google.com js-eu1.hs-banner.com forms-eu1.hubspot.com region1.google-analytics.com web.facebook.com js-eu1.hs-scripts.com pips.taboola.com cds.taboola.com am-trc-events.taboola.com 15.taboola.com www.facebook.com trc.taboola.com trc-events.taboola.com reporting.services.disqus.com tempest.services.disqus.com snap.licdn.com disqus.com c.disquscdn.com maps.gstatic.com feedburner.google.com s3.feedly.com menefex.disqus.com images.ctfassets.net maps.googleapis.com www.gstatic.com unpkg.com fonts.gstatic.com i.postimg.cc connect.facebook.net d33wubrfki0l68.cloudfront.net cdnjs.cloudflare.com fonts.googleapis.com analytics.google.com links.services.disqus.com pagead2.googlesyndication.com stats.g.doubleclick.net www.google-analytics.com www.google.nl; font-src 'self' data: chrome-extension fonts.gstatic.com cdnjs.cloudflare.com; frame-src 'self' td.doubleclick.net app-eu1.hubspot.com www.googletagmanager.com tsdtocl.com gum.criteo.com imprammp.taboola.com am-match.taboola.com tempest.services.disqus.com disqus.com googleads.g.doubleclick.net open.spotify.com pagead2.googlesyndication.com tpc.googlesyndication.com web.facebook.com www.facebook.com www.google.com; img-src 'self' data: www.google.fr www.google.com.tr track.hubspot.com www.google.co.id www.google.com.ng www.google.co.ke fonts.gstatic.com www.google.lk www.google.cz www.google.pl www.google.co.ug www.google.ae csm.nl.eu.criteo.net translate.google.com vidstatb.taboola.com trc.taboola.com vidstat.taboola.com connect.facebook.net am-vid-events.taboola.com www.google.co.uk track-eu1.hubspot.com forms-eu1.hsforms.com region1.google-analytics.com www.soolide.com sb.scorecardresearch.com images.taboola.com i.ytimg.com content-cdn.tipsenweetjes.nl am-trc-events.taboola.com trc-events.taboola.com ce.lijit.com cdn.taboola.com px4.ads.linkedin.com www.linkedin.com px.ads.linkedin.com www.google.es stats.g.doubleclick.net www.googletagmanager.com d33wubrfki0l68.cloudfront.net www.google.co.in www.gstatic.com cdn.viglink.com links.services.disqus.com c.disquscdn.com referrer.disqus.com feedburner.google.com i.postimg.cc images.ctfassets.net maps.googleapis.com maps.gstatic.com pagead2.googlesyndication.com s3.feedly.com www.facebook.com www.google-analytics.com www.google.com www.google.nl www.google.be; manifest-src 'self'; media-src 'self' cdn.taboola.com videos.taboola.com; worker-src 'self'; form-action 'self' www.facebook.com; frame-ancestors 'self' https:; upgrade-insecure-requests; report-uri https://menefex.report-uri.com/r/d/csp/wizard; report-to default;"

Expect-CT = 'enforce, 0, report-uri="https://menefex.report-uri.com/r/d/ct/reportOnly"'

Expand Down

0 comments on commit 13f922b

Please sign in to comment.