Open
Cached
·
just now
5
directives
Content-Security-Policy
Content-Security-Policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: mailto: embed.music.apple.com embed.podcasts.apple.com https://recyclingprogram.apple.com https://smb.apple.com https://nova.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
default-src
Keyword
—
'self'
default-src
Scheme
—
blob:
default-src
Scheme
—
data:
default-src
Host
—
default-src
Host
—
default-src
Host
—
child-src
Scheme
—
blob:
child-src
Scheme
—
mailto:
img-src
Keyword
—
'unsafe-inline'
img-src
Scheme
—
blob:
img-src
Scheme
—
data:
img-src
Host
—
img-src
Host
—
script-src
Keyword
—
'unsafe-inline'
script-src
Keyword
—
'unsafe-eval'
script-src
Scheme
—
blob:
script-src
Host
—
style-src
Keyword
—
'unsafe-inline'
Content-Security-Policy-Report-Only
No report-only CSP headers found.