Content-Security-Policy blocked jsencryt.min.js file version 3.0.0-rc.2

[thangamanis]

When the server sends a restrictive Content-Security-Policy header,

Content-Security-Policy: default-src 'self'; script-src 'self'; img-src 'self'

the following error comes up in Firefox:

Content Security Policy: The page's settings blocked the loading of a resource: An attempt to call JavaScript from a string (by calling a function like eval) has been blocked

and a similar to that of Chrome:

Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".