more_set_headers "Content-Security-Policy : default-src 'none'; style-src 'self' 'unsafe-inlinde' http: data:; img-src 'self' http: data:; font-src 'self' http: data:; media-src 'self' http: data:; frame-ancestors 'none'; form-action 'none';";

include inc/ht.conf