Refused to load the script 'https://www.paypal.com/sdk/js?client-XXX&enable-funding=venmo¤cy=AUD' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' www.google.com www.gstatic.com js.stripe.com www.googletagmanager.com www.google-analytics.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. how to resolve this?
... View more