HTTP/1.1 200 OK
Content-Security-Policy: sandbox allow-popups allow-pointer-lock allow-scripts