Header always set X-Xss-Protection "1; mode=block"
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-Content-Type-Options "nosniff"
Header always set Referrer-Policy strict-origin-when-cross-origin
Header always set Content-Security-Policy "default-src https: 'self' *.tawk.to *.cloudflare.com *.
google-analytics.com wss://*.tawk.to; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.tawk.to *.cloudflare.com *.google-analytics.com wss://*.tawk.to
https://cjshare.com *.cjshare.com *.cleverjump.org *.jsdelivr.net
https://sharebutton.net *.sharebutton.net; style-src 'self' 'unsafe-inline' *.jsdelivr.net; img-src data: *; object-src 'none'"
Bookmarks