I read a lot of questions, most of them with no answer.
I added this line in my website.conf under nginx 1.18
add_header Content-Security-Policy: &
