Refused to load the image 'https://mc.yandex.ru/clmap/57115789?page-url=........' because it violates the following Content Security Policy directive: "default-src 'self' data:". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
default-src 'self' data: https://mc.yandex.ru
?