Just a heads up, we're enabling CSP in report only mode on wikis. This
means if you are loading external resources in your user scripts, you might
enabling report only, and will of course give people notice before actually
enabling it enforcing. At this stage we are just gathering information on
what the impact of CSP would be on the wikis and what sort of external
JS page, we strongly suggest you do not do this for security reasons.
Check which features under the maps stack might be affected with the CSP policy
Original task: T207900: Enable csp-report-only mode everywhere