Swagger UI includes an inline-script
which makes it more difficult to enforce the Content-Security-Policy
header.
This Gist shows a way to add an exception for Swagger UI in order to be able to enforce
the policy to an effectiv level. This is useful for example in FastAPI
where Swagger UI is added automatically for API documentation.