The new Google Chome update breaks various deployments served with CSP configured. Seems this is very oriented to Gatsby / React websites that are using web workers.for various tasks.
Console error messages since the last update.
Why this could be a Netlify issue related?
Netlify should provide a barebone CSP policy as an example to be used and enhanced by anyone deploying websites here. Also, the Netlify analytics feature might not work properly to some extent.
Also, be advised Chrome displayed a working now for the Netlify cookies set without the SameSite flag, but in the very near future, they will block them, possibly breaking some other things too.
Example deployment: https://melodic-lime-copy-01-7bc65.netlify.app
My current CSP policy:
font-src 'self' https://fonts.gstatic.com/ data:; manifest-src 'self'; img-src 'self' 'unsafe-inline' https://ssl.gstatic.com/ https://www.google-analytics.com/ data:; script-src 'unsafe-eval' 'self' 'unsafe-inline' https://tagmanager.google.com/ https://www.googletagmanager.com/ https://unpkg.com/ https://www.google-analytics.com/analytics.js; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ https://tagmanager.google.com/; frame-ancestors 'none'; base-uri 'self'; prefetch-src 'self'; require-trusted-types-for 'script'; object-src 'none'; report-uri https://[site].report-uri.com/r/d/csp/reportOnly; worker-src 'self'
The policy can be checked here for inconsistencies: https://csp-evaluator.withgoogle.com/
Down to the bottom, please, do you have any idea how to fix the new errors from the console?