I'm implementing WebContainers.io in my Toddle app and encountering CSP-related issues. I have a Cloudflare Worker that sets the required security headers, which works in other environments but not in Toddle.
Error messages indicate CSP blocks:
- Inline scripts (needs 'unsafe-inline' or hash)
- External scripts from WebContainer domains
- Default-src is set to 'none'
Is this a Toddle-specific limitation? Are there any known workarounds for using WebContainer within Toddle's environment?
.jpeg/public)