'strict-dynamic'
CSP source expression. You will see CSP
violations in the console and the API examples on this page will most likely be
broken.'strict-dynamic'
install
Chrome Canary
or
Chrome Beta
and enable Experimental Web Platform features in chrome://flags.
Content-Security-Policy: object-src 'none'; script-src 'nonce-$NONCE' 'strict-dynamic' 'unsafe-eval'