Content-Security-Policy: default-src 'self' https://*.skool.sg https://*.myfirstskool.com https://*.littleskoolhouse.com https://*.amazonaws.com https://*.cloudfront.com https://*.cloudfront.net https://sn-image-service-dot-tcc-sn-dev.appspot.com https://*.go-mpulse.net https://*.google.com https://*.googleapis.com https://*.freshchat.com https://*.google-analytics.com https://*.googletagmanager.com stats.g.doubleclick.net ws: wss:; style-src https://*.freshdesk.com https://*.freshworks.com 'self' 'unsafe-inline' https://fonts.googleapis.com https://wchat.freshchat.com https://sn2-care-journal-stg.web.app https://sn2-whiteboard-stg.web.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.go-mpulse.net https://polyfill-fastly.io https://maps.googleapis.com https://wchat.freshchat.com https://www.google-analytics.com https://www.googletagmanager.com stats.g.doubleclick.net; object-src blob: 'self' *.amazonaws.com *.cloudfront.com *.cloudfront.net https://sn-image-service-dot-tcc-sn-dev.appspot.com *.skool.sg *.myfirstskool.com *.littleskoolhouse.com; img-src * 'self' data: *.amazonaws.com *.cloudfront.com *.cloudfront.net https://sn-image-service-dot-tcc-sn-dev.appspot.com *.skool.sg *.myfirstskool.com *.littleskoolhouse.com https://akstat.io; font-src * data: blob: fonts.googleapis.com fonts.gstatic.com; frame-ancestors https://www.parent.skool.sg https://parent.skool.sg https://www.parent.skooluat.sg https://parent.skooluat.sg https://www.myfirstskool.com https://myfirstskool.com; frame-src https://www.googletagmanager.com *.freshchat.com *.google.com blob: 'self' *.amazonaws.com *.cloudfront.com *.cloudfront.net https://sn-image-service-dot-tcc-sn-dev.appspot.com *.skool.sg *.myfirstskool.com *.littleskoolhouse.com https://sn2-care-journal-stg.web.app https://preprod-auth.ntuclink.com.sg; worker-src 'self' blob:; script-src-elem https://*.freshdesk.com https://*.freshworks.com 'self' 'unsafe-inline' blob: https://polyfill-fastly.io https://maps.googleapis.com https://wchat.freshchat.com https://www.google-analytics.com https://*.go-mpulse.net https://sn2-whiteboard-stg.web.app https://sn2-care-journal-stg.web.app https://sn2-care-journal-dev.web.app; form-action 'self' https://*.skool.sg https://*.myfirstskool.com https://*.littleskoolhouse.com https://preprod-auth.ntuclink.com.sg; base-uri 'self'; connect-src 'self' https://preprod-auth.ntuclink.com.sg https://*.akstat.io https://*.freshdesk.com https://*.freshworks.com 'self' https://*.skool.sg https://*.myfirstskool.com https://*.littleskoolhouse.com https://sn2-care-journal-stg.web.app https://sn2-whiteboard-stg.web.app https://*.amazonaws.com https://*.cloudfront.com https://*.cloudfront.net https://sn-image-service-dot-tcc-sn-dev.appspot.com https://*.go-mpulse.net https://*.google.com https://*.googleapis.com https://*.freshchat.com https://*.google-analytics.com https://*.googletagmanager.com stats.g.doubleclick.net https://*.split.io https://cloudflare-dns.com https://*.datadoghq.eu https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu ws: wss:; report-to csp-endpoint;