I am getting the below error while the application bootstraps with NGINX and HTTPS, especially in Chrome.
Is there any way to bootstrap the UI without adding unsafe CSP directives on the webserver?
Blockquote
com.haulmont.cuba.web.widgets.WidgetSet.nocache.js?1615216848535:9 Uncaught EvalError: Refused to evaluate a string as JavaScript because ‘unsafe-eval’ is not an allowed source of script in the following Content Security Policy directive: “default-src ‘self’ http: https: data: blob: ‘unsafe-inline’”.
at :1:1
at m (com.haulmont.cuba.web.widgets.WidgetSet.nocache.js?1615216848535:9)
at com.haulmont.cuba.web.widgets.WidgetSet.nocache.js?1615216848535:10
at HTMLDocument.d (com.haulmont.cuba.web.widgets.WidgetSet.nocache.js?1615216848535:6)