Content-Security-Policy: base-uri 'self'; report-uri https://o4508469207040000.ingest.us.sentry.io/api/4508474076758016/security/?sentry_key=c8465d3ef299e77266c567d3d790d3a3; script-src 'nonce-hndqlI3-iO58vPIqI5qHbwxPHwBg6QkAWbDVcVzU8VQ' 'strict-dynamic'; style-src 'nonce-UodyV5tfjOvVxMa1zcdvdqyTw87QvFSu8o90Xuw5sr8'; connect-src 'self' https://*.hcaptcha.com https://api.stripe.com https://s.staging.hex.pm; default-src 'self'; img-src 'self' data: https://www.gravatar.com https://q.stripe.com; form-action 'self'; frame-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://asciinema.org https://*.stripe.com https://readme.staging.hex.pm; report-to csp-endpoint; frame-ancestors 'none'; font-src 'self' https://fonts.gstatic.com; object-src 'none';