Content Security Policy directive Issue #1485

Open
ibstelix opened this issue Jan 23, 2020 · 2 comments

@ibstelix

Hello dear support,
Both Chrome and Firefox are throwing this:

[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'unsafe-eval' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-0pMlKNC2+1VcvBq5jfj03/wLi+YRDcfXk0EX71iOK5o='), or a nonce ('nonce-...') is required to enable inline execution.

and the consumer_registration link and sign-up link are not found.
Is this related?
Any hint is appreciated.
Best regards,

@ibstelix

Still no solution :( I cannot find where the directive is defined.

```
Jan 25 21:51:20 ibslab jetty9[18906]: [Loaded net.liftweb.http.LiftRules$$Lambda$1159/2059065270 from net.liftweb.http.LiftRules]
Jan 25 21:51:20 ibslab jetty9[18906]: 21:51:20.489 [qtp1151020327-13] WARN net.liftweb.http.LiftRules - Content security policy violation reported on page
Jan 25 21:51:20 ibslab jetty9[18906]:        | 'http://127.0.0.1:8080/' from referrer 'http://127.0.0.1:8080/':
Jan 25 21:51:20 ibslab jetty9[18906]:        | 'inline' was blocked because it violated the
Jan 25 21:51:20 ibslab jetty9[18906]:        | directive 'script-src-elem'. The policy that specified
Jan 25 21:51:20 ibslab jetty9[18906]:        | this directive is: 'default-src 'self'; img-src *; script-src 'unsafe-eval' 'self'; report-uri /lift/content-security-policy-report'.
```

@ibstelix ibstelix reopened this Jan 25, 2020
@ibstelix

Adding this in Boot.boot removes the error, but the sign-up and registration pages are still unknown:

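```scala
import net.liftweb.http.{ContentSecurityPolicy, ContentSourceRestriction, LiftRules, SecurityRules}

// In Boot.boot: override Lift's security rules so script-src also permits inline scripts.
LiftRules.securityRules = () => {
  SecurityRules(content = Some(ContentSecurityPolicy(
    scriptSources = List(ContentSourceRestriction.Self,
      ContentSourceRestriction.UnsafeInline,
      ContentSourceRestriction.UnsafeEval)
  )))
}
```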
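An added example (not part of the issue thread or of Lift's code): a simplified JavaScript model of the check the browser applied to the policy in the log above, showing why the inline script violated `script-src` and how the hash the browser suggested would satisfy it without `'unsafe-inline'`. The function names are hypothetical, and the model ignores `'strict-dynamic'` and inline event handlers.

```javascript
// Added example: simplified model of the CSP inline-<script> check.
// Policy string copied from the jetty9 log in this issue.
const LOGGED_POLICY =
  "default-src 'self'; img-src *; script-src 'unsafe-eval' 'self'; " +
  "report-uri /lift/content-security-policy-report";
// Hash the browser console printed for the refused inline script.
const REPORTED_HASH = "sha256-0pMlKNC2+1VcvBq5jfj03/wLi+YRDcfXk0EX71iOK5o=";

// Split a serialized policy into a Map of directive name -> source list.
function parsePolicy(policy) {
  const directives = new Map();
  for (const part of policy.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    // A repeated directive is ignored; the first occurrence wins.
    if (name && !directives.has(name.toLowerCase())) {
      directives.set(name.toLowerCase(), sources);
    }
  }
  return directives;
}

// Inline <script> elements are governed by script-src-elem, which falls
// back to script-src and then to default-src.
function effectiveScriptSources(directives) {
  for (const name of ["script-src-elem", "script-src", "default-src"]) {
    if (directives.has(name)) return { name, sources: directives.get(name) };
  }
  return null; // no governing directive: scripts are unrestricted
}

// Decide whether an inline script with the given hash or nonce may run.
function inlineScriptVerdict(policy, { hash = null, nonce = null } = {}) {
  const governing = effectiveScriptSources(parsePolicy(policy));
  if (!governing) return { allowed: true, reason: "no script directive" };
  const { name, sources } = governing;
  // Hash and nonce values are case-sensitive; keywords are not.
  if (hash && sources.includes(`'${hash}'`)) return { allowed: true, reason: `${name} hash` };
  if (nonce && sources.includes(`'nonce-${nonce}'`)) return { allowed: true, reason: `${name} nonce` };
  const lower = sources.map((s) => s.toLowerCase());
  // 'unsafe-inline' is ignored once the list holds any hash or nonce source.
  const hasHashOrNonce = lower.some((s) => /^'(nonce-|sha(256|384|512)-)/.test(s));
  if (lower.includes("'unsafe-inline'") && !hasHashOrNonce) {
    return { allowed: true, reason: `${name} 'unsafe-inline'` };
  }
  return { allowed: false, reason: `${name} has no matching inline source` };
}

console.log(inlineScriptVerdict(LOGGED_POLICY, { hash: REPORTED_HASH }));
```

Adding the reported hash to `script-src` allows only that one inline script, whereas `'unsafe-inline'` allows every inline script on the page.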
