| Line 11... |
Line 11... |
| 11 |
header("X-XSS-Protection: 1; mode=block");
|
11 |
header("X-XSS-Protection: 1; mode=block");
|
| 12 |
header("Access-Control-Allow-Origin: *");
|
12 |
header("Access-Control-Allow-Origin: *");
|
| 13 |
header("Referrer-Policy: no-referrer");
|
13 |
header("Referrer-Policy: no-referrer");
|
| 14 |
header("X-Frame-Options: SAMEORIGIN");
|
14 |
header("X-Frame-Options: SAMEORIGIN");
|
| 15 |
header("Set-Cookie: ^(.*)$ $1;HttpOnly;Secure");
|
15 |
header("Set-Cookie: ^(.*)$ $1;HttpOnly;Secure");
|
| 16 |
header("Content-Security-Policy: default-src 'none'; connect-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com; form-action 'self'; frame-src https://www.google.com https://www.youtube-nocookie.com; img-src 'self' data: http://abs.twimg.com https://abs.twimg.com https://*.walmartimages.com https://images.samash.com https://img.discogs.com https://*.googleusercontent.com https://*.ebaystatic.com https://www.fye.com https://www.musicnotes.com https://www.secondspin.com https://platform-lookaside.fbsbx.com https://ad.linksynergy.com https://www.lduhtrp.net https://*.wal.co https://cj.dotomi.com https://www.awltovhc.com https://www.ftjcfx.com https://www.tqlkg.com https://www.emjcd.com https://www.yceml.net https://beacon.affil.walmart.com https://assets.sheetmusicplus.com https://www0.alibris-static.com https://*.mzstatic.com https://via.placeholder.com https://images-na.ssl-images-amazon.com/images/ https://transform.dis.commercecloud.salesforce.com https://www.google-analytics.com https://m.media-amazon.com/images/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com/ajax/libs/jquery/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://maxcdn.bootstrapcdn.com/bootstrap/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://ssl.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/bootstrap/ https://use.fontawesome.com/releases/;frame-ancestors 'self'");
|
16 |
header("Content-Security-Policy: default-src 'none'; connect-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com; form-action 'self'; frame-src https://www.google.com https://www.youtube-nocookie.com; img-src 'self' data: http://abs.twimg.com https://abs.twimg.com https://*.walmartimages.com https://images.samash.com https://img.discogs.com https://*.googleusercontent.com https://*.ebaystatic.com https://www.fye.com https://www.musicnotes.com https://platform-lookaside.fbsbx.com https://ad.linksynergy.com https://www.lduhtrp.net https://*.wal.co https://cj.dotomi.com https://www.awltovhc.com https://www.ftjcfx.com https://www.tqlkg.com https://www.emjcd.com https://www.yceml.net https://beacon.affil.walmart.com https://assets.sheetmusicplus.com https://www0.alibris-static.com https://*.mzstatic.com https://via.placeholder.com https://images-na.ssl-images-amazon.com/images/ https://transform.dis.commercecloud.salesforce.com https://www.google-analytics.com https://m.media-amazon.com/images/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com/ajax/libs/jquery/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://maxcdn.bootstrapcdn.com/bootstrap/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://ssl.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/bootstrap/ https://use.fontawesome.com/releases/;frame-ancestors 'self'");
|
| 17 |
}
|
17 |
}
|