Safari CSP ignores nonce and unsafe-inline

Okay I solved this:

In my experience and from testing here: You can't have an enforced and a report only CSP at the same time with Safari, it seems to mix policies up between them and report violations for non violating items.

Remove one of the CSP directives and either send a Report only or an enforced and it'll start working as intended.

Edit (16th March 2022) : Safari now fails to load completely if you have both a read only and an enforced CSP policy. The webkit bug has remained completely idle since this was first logged so we've had to remove the read only CSP to get Safari to work at all.

If anyone has contact at Webkit I'd really appreciate someone shining a light on this to try and get Webkit to actually work like a browser instead of the new IE6 again.

Is there a safe version of C++ without undefined behaviour?

I made a Git repo locally then added remote URL and pushed it to GitHub. If I delete the local Git repo, will the remote repo still be ok?

Is there any way to get round figure value in flutter [duplicate]

Getting data from two table with one query

Configuration Interface inside an Inteface in appsettings.json

Proving monotonicity of this ratio of Hypergeometric functions

Are there any calculus textbooks that mention Lebesgue or measure theory?

Relation between steps and turns in a simple symmetric random walk

Constructing an outer measure on a set whose measurable sets are exactly a given sigma algebra on the set.

Semidirect product action and its geometry

Properties of space $X = T \cup \bigcup_{n=1}^{\infty} S_n \cup \{ (0,q) : q \in \mathbb Q \wedge q \in [0,1] \} $

Poincaré duality for de Rham cohomology on non-compact manifolds