HTTP/1.1 200 OK
Content-Security-Policy: style-src 'none'