CSP, souhlasy apod.
default-src 'self';script-src 'self' 'unsafe-inline' https://www.googletagmanager.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;font-src 'self' https://fonts.gstatic.com