Content-Security-Policy: default-src 'self' ; frame-ancestors 'self' localhost:8080 https://prod.ebw.ift.pearson-intl.com https://*.pearson.com https://*.pearson.com.mx ; connect-src 'self' localhost:8080 *.pearson.com https://prod.ebw.ift.pearson-intl.com https://ebw-prod-assets-01-euw1.s3.eu-west-1.amazonaws.com https://pbqd98syxe.execute-api.eu-west-1.amazonaws.com *.launchdarkly.com https://bam.nr-data.net https://cdn.cookielaw.org *.onetrust.com ; img-src * data: ; frame-src 'self' sso.rumba.int.pearsoncmg.com https://sso.rumba.int.pearsoncmg.com https://www.google.com https://www.recaptcha.net https://login-stg.pearson.com https://login.pearson.com https://login-ppe.pearson.com localhost:8080 ; media-src 'self' blob: https://api.pearson.com localhost:8080 https://ebw-prod-assets-01-euw1.s3.eu-west-1.amazonaws.com ; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com localhost:8080 https://cdn.cookielaw.org ; font-src 'self' data: localhost:8080 *.pearson.com https://prod.ebw.ift.pearson-intl.com https://fonts.gstatic.com ; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://urldefense.proofpoint.com https://www.google.com/recaptcha/api.js https://www.gstatic.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://login-stg.pearson.com https://login.pearson.com https://login-ppe.pearson.com localhost:8080 https://optanon.blob.core.windows.net https://code.jquery.com https://cdn.cookielaw.org https://www.recaptcha.net *.newrelic.com *.pearson.com https://prod.ebw.ift.pearson-intl.com