[Report Only] Refused to load the script 'https://nv00.cdn.bcebos.com/nv01/static/ecom/js/als/haokanpc-48b534b954.js' because it violates the following Content Security Policy directive: "script-src 'report-sample' 'unsafe-eval' 'unsafe-inline' 'self' passport.bdimg.com ufosdk.baidu.com wappass.baidu.com s.bdstatic.com sestat.baidu.com hk.bdstatic.com hpd.baidu.com vv.bdstatic.com code.bdstatic.com dlswbr.baidu.com hm.baidu.com passport.baidu.com sv.bdstatic.com dmpstatic.cdn.bcebos.com mediago-static.cdn.bcebos.com show-3.mediav.com vd1.bdstatic.com vd2.bdstatic.com vd3.bdstatic.com vd4.bdstatic.com vd5.bdstatic.com vd6.bdstatic.com vd7.bdstatic.com haokanupdate.cdn.bcebos.com 'nonce-f000007b85bffaf3a3db80cf8e93c608'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.