One user of my app on Mac OS 10.9/Chrome 60 is getting this error message when any JS function is called:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-...' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'report-sample'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
I cannot reproduce this error myself on Mac OS 10.8/10.12, Chrome 60/Firefox 55/Safari 11.
I am using Vue 2.4.4 + vue-cli webpack template with vue-loader + runtime-only build.