html deployment content-security-policy netlify

How to get past CSP (Content Security Policy) by allowing everything?


The website works perfectly on my local machine, but when I upload it to Netlify it drops nearly 20 errors.

I just want to share one of my first projects with friends and not be bothered with security right now.

Tried implementing all the answers from the "Allow All Content Security Policy?" post, but still nothing.

This is my header that's getting the previously mentioned 20 errors:

<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="Content-Security-Policy" content="
      default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; 
      script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; 
      connect-src * data: blob: 'unsafe-inline'; 
      img-src * data: blob: 'unsafe-inline'; 
      frame-src * data: blob: ; 
      style-src * data: blob: 'unsafe-inline';
      font-src * data: blob: 'unsafe-inline';">
    <link rel="stylesheet" href="css/main.css">

But trying all the other answers also resulted in something similar.


Solution

  • The same happened to me recently; you likely have a browser extension running that blocks scripts.

    That's why you probably cannot even see these headers in Google dev tools.

    Disable it for that site and voilà ;)
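
As an added example (not part of the original question or answer), the JavaScript below lints the policy from the question's meta tag: it reports quoted keywords that CSP does not define (browsers ignore them), 'unsafe-inline' in directives where it has no effect, and the sources that leave script loading unrestricted. The function names and issue labels are hypothetical, and the keyword list is limited to CSP Level 3 keywords.

```javascript
// Added example (not from the original post): lint a CSP string for tokens
// browsers ignore and for sources that leave script loading unrestricted.
const KEYWORDS = new Set(["'self'", "'none'", "'unsafe-inline'", "'unsafe-eval'",
  "'strict-dynamic'", "'unsafe-hashes'", "'report-sample'", "'wasm-unsafe-eval'"]);
const NONCE_OR_HASH = /^'(nonce|sha256|sha384|sha512)-[A-Za-z0-9+\/_-]+={0,2}'$/;
// 'unsafe-inline' only has meaning where inline script or style is governed.
const INLINE_DIRECTIVES = new Set(["default-src", "script-src", "script-src-elem",
  "script-src-attr", "style-src", "style-src-elem", "style-src-attr"]);

function parseCsp(policy) {
  const directives = new Map();
  for (const part of policy.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/).filter(Boolean);
    // A repeated directive is ignored by browsers; the first occurrence wins.
    if (name && !directives.has(name.toLowerCase())) directives.set(name.toLowerCase(), sources);
  }
  return directives;
}

function lintCsp(policy) {
  const findings = [];
  const directives = parseCsp(policy);
  for (const [directive, sources] of directives) {
    for (const source of sources) {
      if (!source.startsWith("'")) continue; // host and scheme sources are not checked here
      const kw = source.toLowerCase();
      if (!KEYWORDS.has(kw) && !NONCE_OR_HASH.test(source))
        findings.push({ directive, source, issue: "unknown-keyword" });
      else if (kw === "'unsafe-inline'" && !INLINE_DIRECTIVES.has(directive))
        findings.push({ directive, source, issue: "no-effect" });
    }
  }
  // Script loading is governed by script-src, falling back to default-src.
  const scriptDir = directives.has("script-src") ? "script-src" : "default-src";
  for (const source of directives.get(scriptDir) || [])
    if (["*", "'unsafe-inline'", "'unsafe-eval'"].includes(source.toLowerCase()))
      findings.push({ directive: scriptDir, source, issue: "permissive-script-source" });
  return findings;
}

// The policy from the question's <meta> tag (whitespace condensed).
const QUESTION_POLICY = `default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic';
  script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline';
  img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ;
  style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';`;
console.log(lintCsp(QUESTION_POLICY));
```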