</FilesMatch>
AddOutputFilterByType DEFLATE application/xhtml+xml text/css font/otf \
text/plain text/x-csrc application/postscript
-Header set Content-Security-Policy "object-src 'none';"
+Header set Content-Security-Policy "form-action 'none';\
+ default-src 'none'; connect-src 'self'; font-src 'self'; img-src 'self';\
+ script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval';\
+ style-src 'self' 'unsafe-inline'"