I’m trying to implement a Content-Security-Policy.
Refused to execute inline script because it violates the following Content Security Policy directive:
So my questions are:
seen as an “inline-script” ?
If so, what can I do to allow these scripts via CSP? I already tried to use the
noncewithin my scripts but it always says:
Undefined attribute name (nonce)
Do dev tools (e.g. Google Chrome) provide a function to see which inline script procudes the error?