I was helping Commons POTY design, and when I entered "https://meta.wikimedia.org/w/index.php?title=Tech/News/2014/24/zh&uselang=en&banner=POTY_2017_R2&force=1," my safari (Version 11.1.1(13605.2.8)) started yelling at me with popup: "Content Security Policy violation detected! Tried to load something from https://en.wikipedia.org.".
It kept issuing such warning until they issued a warning to all the domains in my global.js. Visiting the same page without &banner=POTY_2017_R2&force=1 had no problem whatsoever, so it's most likely MediaWiki-extensions-CentralNotice