Our site uses Content Security Policy and CF
I found that there are many errors in mobile version, because CF injects script
without nonce field (yes, I know CF cannot know nonce value)
As I see Cloudflare advises to use 'unsafe-inline;
but it equivalent removing removing CSP at all
Do you have any sane solution how to fix it?