Hi,

I've just signed up, selected a template and published. I then visited the url and can see errors in the console.log;

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'wasm-unsafe-eval' 'inline-speculation-rules' chrome-extension://a62064e7-87f0-4435-9f7f-5a2ee6b79330/". Either the 'unsafe-inline' keyword, a hash ('sha256-lbU2xf8sKFm1dCrsJ2t1ps10s7gdmSeM679my0eS9nU='), or a nonce ('nonce-...') is required to enable inline execution.

I will be self hosting and I do not want to allow any unsafe-inline or unsafe-eval in my CSP.

Also, Google Lighthouse is only scoring an 89 on best practises, partially due to the above error and also due to 'Charset declaration is missing or occurs too late in the HTML'.

Any help and clarification on CSP requirements for Web Studio would be greatly appreciated before I take time recreating a website from WP.

Thanks

Steve