Currently we are allowing scripts to be executed from widget CSP. The 'unsafe-inline' to be identified from the list of areas and fixed.