Moved Wordpress to new server, strange Javascript error (no inline JS?)

Question

I just moved a WP site to another server and I get this error in my console:

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution.

When searching for a solution, I only see things about Chrome extensions.

What can this be, all of a sudden?

I tried updating Jquery to the latest version, but it did not help. It's very strange, I can't pinpoint it. On my development machine and at the new location the site bloats. Luckily the production site is still functioning.

Edit:

This solution works partially: https://forum.dokuwiki.org/thread/11642. Basically, you have to add this line to a .htaccess file:

Header set Content-Security-Policy "allow 'self'; media-src *; img-src *; script-src 'self' 'unsafe-inline' https://ajax.googleapis.com http://www.google-analytics.com; style-src 'self' 'unsafe-inline';"

But partially! Now the CSS bloats:

Refused to load the stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400italic%2C600italic%2C300%2C400%2C600&subset=latin%2Clatin-ext&ver=4.0.1' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'".

But the question remains: why is this happening out of the blue?

Answer 1

This plugin helped solve my problem: Content Security Policy WordPress Plugin.

Great! Hard to find a reference about it, though. Took me a long time to find it:

https://people.mozilla.org/~bsterne/content-security-policy/wordpress.html

Answer 2

Just update your jquery version , It will solve issue.

Reference link :Google Chrome: Refused to Execute Inline script