How do I include a javascript blob originating due to a web worker js from my own website as an exclusion in the content security policy
This is my CSP settings from the web.config. :
-----------------------------------Begin----------------------------------------------
<default-src none="true" />
<img-src self="true">
<add source="data:" />
</img-src>
<child-src self="true" />
<!-- According to docs frame-src is deprecated but child src alone was not working and browsers were
unable to process it so keeping both the directives, the one not supported will be ignored by browsers -->
<frame-src self="true" />
<style-src self="true" unsafeInline="true">
<add source="https://fonts.googleapis.com" />
</style-src>
<script-src self="true" unsafeEval="true" />
<font-src self="true">
<add source="https://fonts.gstatic.com" />
</font-src>
<connect-src self="true" />
</content-Security-Policy>
-----------------------------------End----------------------------------------------