The source list for the Content Security Policy directive 'style-src' contains an invalid source: 'https://.googletagmanager.com'. It will be ignored.
certificate
资源
https://widgets.in5.nopaperforms.com/emwgts.js
描述
The source list for the Content Security Policy directive 'style-src' contains an invalid source: 'https://.googletagmanager.com'. It will be ignored.
certificate
资源
https://www.welingkar.org/
描述
Access to XMLHttpRequest at 'https://welingkar.in5.nopaperforms.com/cwtrk/?r=&q=&d=https://welingkar.in5.nopaperforms.com&c=5542' from origin 'https://www.welingkar.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Refused to load the stylesheet 'https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' 'self' https://*.welingkar.org https://*.fontawesome.com https://.googletagmanager.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://unpkg.com https://fonts.googleapis.com https://*.amazonaws.com https://static.welingkar.org https://stackpath.bootstrapcdn.com https://eewidget.extraaedge.com https://eeconfigstaticfiles.blob.core.windows.net https://maxcdn.bootstrapcdn.com/ https://a.omappapi.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.