1. headers http header: content-security-policy-report-only

  2. headers http header: content-security-policy: `report-sample` source value

  3. headers http header: content-security-policy: report-to

  4. headers http header: content-security-policy: report-uri