Content-Security-Policy: default-src 'none'; script-src https://appleseedcdn.apple.com 'nonce-r/4X/f5bIgoUNAwjsZs9Yg=='; style-src https://www.apple.com https://appleseedcdn.apple.com 'nonce-r/4X/f5bIgoUNAwjsZs9Yg=='; connect-src 'self'; frame-src 'self' https://appleseedcdn.apple.com; base-uri 'none'; form-action 'self'; frame-ancestors 'none'; object-src 'none'; worker-src 'none'; manifest-src 'none'; script-src-attr 'none'; style-src-attr 'none'; upgrade-insecure-requests; font-src https://www.apple.com; img-src https://appleseedcdn.apple.com; report-uri /csp-violations