更新时间:2022-10-19 18:51:55
Try splitting out the CSP into a separate tag and add a style-src reference, like this:
<meta http-equiv="content-type" content="text/html; charset=utf-8 ;">
<meta http-equiv="Content-Security-Policy" content="script-src 'self' http://onlineerp.solution.quebec 'unsafe-inline' 'unsafe-eval'; style-src 'self' maxcdn.bootstrapcdn.com">
This should say that you trust styles coming from maxcdn.bootstrapcdn.com.
Great explanation of Content Security Policy is at http://content-security-policy.com/