• when I disable javascript, I can’t use pagefind anymore, the devtools console say : search/:1 Sending form data to ‘javascript:void(0);’ violates the following Content Security Policy directive: “form-action ‘self’”. The action has been blocked.
• when javascript is disabled there is no gracefull fallback for most of the Alpine powered features : widget sidebars are all empty
• when javascript is disabled, the /interactions page is broken, rendered useless, no way to check inbout/outbound tabs
• I also still see errors with our CSP policy serviceworker.js:252 Connecting to ‘https://fonts.googleapis.com/css2?family=Rancho&family=Ubuntu:wght@400;700&display=swap’ violates the following Content Security Policy directive: “connect-src ‘self’ https://cdn.jsdelivr.net https://api.github.com”. The action has been blocked. serviceworker.js:252 Fetch API cannot load https://fonts.googleapis.com/css2?family=Rancho&family=Ubuntu:wght@400;700&display=swap. Refused to connect because it violates the document’s Content Security Policy. serviceworker.js:267 Background fetch failed: TypeError: Failed to fetch. Refused to connect because it violates the document’s Content Security Policy. at serviceworker.js:252:30 https://fonts.googleapis.com/css2?family=Rancho&family=Ubuntu:wght@400;700&display=swap 2026-02-18-81797/:974

GET https://fonts.googleapis.com/css2?family=Rancho&family=Ubuntu:wght@400;700&display=swap net::ERR_ABORTED 503 (Service Unavailable)