Our content security policy includes maps.googleapis.com which is flagged on some auditing tools online as a major problem because some of its endpoints support JSONP supposedly.
So because of that I’m trying to either remove the url while of course still using google maps or changing the content security policy in a way that its not a problem anymore.