Hello,
I writting a Forge macro for Confluence using UIKit2. When I check console in Firefox browser, I have multiple same errors :
“Content-Security-Policy: (Report-Only Policy) The page settings might prevent the execution of a JavaScript ‘eval’ (script-src) because it violates the following directive: ‘script-src ‘report-sample’ ‘nonce-0ea55fa27f344dbcb45858a24a5eca11’ ‘unsafe-inline’ ‘strict-dynamic’ https:’ (the ‘unsafe-eval’ value is missing).” at [com.atlassian.gadgets.embedded:gadget-core-resources.js:15:1362]
That make me crazy. 
In my manifest I have specified “unsafe-eval” and “unsafe-inline”. I don’t understand why it doesn’t make effect :
I use lot of UIKIt2 components :
Have you an idea ?