Content-Security-Policy-Report-Only: default-src 'none'; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://elegant-harmony-f8a4c00980.strapiapp.com https://elegant-harmony-f8a4c00980.media.strapiapp.com https://cms.sandbox-london-b.fetch-ai.com https://res.cloudinary.com; font-src 'self' https://fonts.gstatic.com; media-src 'self' https://www.dropbox.com https://*.dropboxusercontent.com; connect-src 'self' https://www.google-analytics.com; frame-ancestors 'none'; base-uri 'self'; object-src 'none';