Header set Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.czater.pl; script-src-elem 'self' https://www.czater.pl"