swissupEasySlideSecurityHeaders:
  resolver: inline
  inline:
    content-security-policy:
      resolver: template
      engine: mustache
      provide:
        backend: env.MAGENTO_BACKEND_URL
      template:
        resolver: conditional
        default:
          # inline: "script-src http: https: {{ backend }}; style-src 'self' blob: https: 'unsafe-inline' {{ backend }}; img-src data: http: https:; object-src 'none'; base-uri 'none'; child-src 'self'; font-src 'self' data: fonts.gstatic.com; frame-src assets.braintreegateway.com *.youtube.com *.youtu.be *.vimeo.com"
          fixes:
           - from: "font-src 'self' fonts.gstatic.com;"
             to: "font-src 'self' data: fonts.gstatic.com;"