The following error is thrown trying to access metabase using a subdomain
(ie. mysubdomain.example.com) Version: [v0.32.9]
mysubdomain.example.com/:37 Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' https://maps.google.com https://apis.google.com https://www.google-analytics.com https://*.googleapis.com *.gstatic.com 'sha256-xlgrBEvjf72cXGba6bCV/PwIVp1DcbdhY74VIXN8fA4=' 'sha256-6xC9z5Dcryu9jbxUZkBJ5yUmSofhJjt7Mbnp/ijPkFs=' 'sha256-uKEj/Qp9AmQA2Xv83bZX9mNVV2VWZteZjIsVNVzLkA0='". Either the 'unsafe-inline' keyword, a hash ('sha256-1F0lw4Fmv8y6OvrkD3Kg93KSyCqdKFo5X4bnHBFS6zo='), or a nonce ('nonce-...') is required to enable inline execution.
Looks like it is related to CSP https://github.com/metabase/metabase/issues/10197 but the issue is stalled