Content-Security-Policy: default-src 'self' *.chargebee.com *.crisp.chat wss://*.crisp.chat/ *.amazonaws.com/ *.sentry.io/ http://localhost:4000;frame-ancestors *;worker-src blob:;script-src 'self' 'unsafe-eval' 'unsafe-inline' https://trello.com https://api.trello.com https://code.jquery.com https://cdn.jsdelivr.net/npm/monday-sdk-js/dist/main.js *.chargebee.com *.crisp.chat *.amazonaws.com/ https://js-agent.newrelic.com *.nr-data.net *.sentry.io/ http://localhost:4000 https://eu-assets.i.posthog.com https://*.posthog.com/ https://*.i.posthog.com/;style-src * 'unsafe-inline' https://fonts.googleapis.com http://fonts.googleapis.com *.chargebee.com *.crisp.chat *.amazonaws.com/;font-src data: 'self' https://fonts.gstatic.com http://fonts.gstatic.com *.crisp.chat *.amazonaws.com/;img-src * blob: https://ssl.gstatic.com/ data: *.crisp.chat *.amazonaws.com/;connect-src 'self' data: blob: https://fonts.googleapis.com https://fonts.gstatic.com https://staging.screenful.com http://staging.screenful.com https://*.herokuapp.com https://*.posthog.com/ ws://staging.screenful.com ws://app.screenful.me/ wss://app.screenful.me/ https://uds.screenful.me/ ws://uds.screenful.me/ wss://staging.screenful.com/ wss://*.herokuapp.com/ wss://staging.screenful.com/ wss://*.crisp.chat/ *.crisp.chat *.amazonaws.com/ *.nr-data.net *.sentry.io/ https://js.chargebee.com http://localhost:4000 https://*.i.posthog.com/ ws://localhost:3334;report-uri /csp/report;base-uri 'self';form-action 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests