Content-Security-Policy: default-src 'self' 'unsafe-inline' 'wasm-unsafe-eval'