Hi @Joe Paul ,
From these 1,2,3 articles for research, it's necessary to use Nonces and Hashes to allow Inline Scripts.
You can set the HTTP Response Headers GUI in IIS Manager or add customHeaders to your web.config:
Since the content security policy is not within our scope of support, and I cannot find any official support, we provide less help on how to set up a detailed policy.
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.