add support for "content-security-policy" header

Remove all these headers:

header("Content-Security-Policy: default-src 'self'; script-src 'self'");
header("X-Content-Security-Policy: default-src 'self'; script-src 'self'");
header("X-WebKit-CSP: default-src 'self'; script-src 'self'");

Edited Sep 10, 2018 by Martin Hehl

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information