Content-Security-Policy: default-src 'unsafe-inline' 'self' https://*.certify.me/ https://*.soteriavc.com/ https://localhost:16016/ http://localhost:4000/ http://localhost:5014/ http://localhost:2502/ https://127.0.0.1:*/ https://fonts.googleapis.com/ https://login.microsoftonline.com https://api.ipstack.com https://www.google.com  https://fhir-ehr-code.cerner.com/ https://apporchard.epic.com https://authorization.cerner.com/ https://localhost:5464/ https://*.certify.me/ https://*.soteriavc.com/ https://dc.services.visualstudio.com/v2/track https://azeastfasignalr.azurewebsites.net//api/ https://azeastcertify1.service.signalr.net/client/ wss://azeastcertify1.service.signalr.net/client/ data: blob:;        connect-src 'unsafe-inline' 'self' https://*.certify.me/ https://*.soteriavc.com/ https://dc.services.visualstudio.com/ http://localhost:4000/ http://localhost:5014/ https://127.0.0.1:*/ http://localhost:2502/ https://cdn.jsdelivr.net/npm/[email protected]/wasm/ngx-scanner-qrcode.wasm data:;        script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google.com https://127.0.0.1:*/ http://localhost:5014/ https://cdn.jsdelivr.net/npm/[email protected]/wasm/ngx-scanner-qrcode.wasm https://www.gstatic.com https://cdn.jsdelivr.net/;        style-src-elem 'unsafe-inline' 'self' https://cdn.jsdelivr.net/npm/[email protected]/wasm/ngx-scanner-qrcode.wasm https://127.0.0.1:*/ https://fonts.googleapis.com/;        font-src 'self' data: https://*.certify.me/ https://*.soteriavc.com/ https://fonts.gstatic.com/ https://127.0.0.1:*/ https://cdn.jsdelivr.net/npm/[email protected]/wasm/ngx-scanner-qrcode.wasm https://netdna.bootstrapcdn.com;        img-src 'self' https://*.certify.me/ https://*.soteriavc.com/ https://maps.gstatic.com/mapfiles/ https://127.0.0.1:*/ https://maps.googleapis.com/maps/ data:;