Google console in tests via Firebase Robo test shows an exception.
Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src https://abs.twimg.com https://abs-0.twimg.com https://twitter.com https://mobile.twitter.com"
but in setting of WebView settings JS is enabled.
WebSettings settings = webview.getSettings();
settings.setJavaScriptEnabled(true);
webview.setWebChromeClient(new WebChromeClient());
settings.setSupportMultipleWindows(true);
settings.setDomStorageEnabled(true);
the same exception if put in the header
headers.put("Content-Security-Policy", "script-src 'self' 'unsafe-inline' 'unsafe-eval'");