# Basic Content Security Policy

Content-Security-Policy: script-src 'self' 'unsafe-inline' ; font-src 'self' ; object-src 'none' ; child-src 'none' ; worker-src 'self' ; frame-ancestors 'none' ; form-action 'self' ; block-all-mixed-content; disown-opener; reflected-xss block; referrer no-referrer;
