问如何在Reactjs中实现CSP内容安全策略？

EN

 <meta http-equiv="Content-Security-Policy" content="default-src 'self'; style-src 'self'; script-src 'self'; connect-src 'self'; ">

styleTagTransform.js:12 Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-aw/cuq+oNW2VmZeRKB38rTQ+6lr2Wol35x/gNAPQqbk='), or a nonce ('nonce-...') is required to enable inline execution.

<!-- language: lang-html -->

    <html lang="en"><head>
        <meta http-equiv="Content-Security-Policy" content="default-src 'self'; style-src 'self'; script-src 'self'; connect-src 'self'; ">
      <script defer="" src="/static/js/bundle.js"></script><style>/*!
    <style>.css1{color:red'}</style>
  <style>.css2{color:red'}</style>
        <title>Project2</title>
        <noscript>
          You need to enable JavaScript to run this app.
        </noscript>
        <div id="root"><div><header><nav class="navbar-expand-sm navbar-toggleable-sm ng-white border-bottom box-shadow mb-3 navbar navbar-light"><div class="container"><a class="navbar-brand" href="/">Project2</a><button aria-label="Toggle navigation" type="button" class="mr-2 navbar-toggler"><span class="navbar-toggler-icon"></span></button><div class="d-sm-inline-flex flex-sm-row-reverse collapse navbar-collapse"><ul class="navbar-nav flex-grow"><li class="nav-item"><a class="text-dark nav-link" href="/">Home</a></li><li class="nav-item"><a class="text-dark nav-link" href="/counter">Counter</a></li><li class="nav-item"><a class="text-dark nav-link" href="/fetch-data">Fetch data</a></li></ul></div></div></nav></header><div class="container"><div><h1>Hello, world!</h1><p>Welcome to your new single-page application, built with:</p><ul><li><a href="https://get.asp.net/">ASP.NET Core</a> and <a href="https://msdn.microsoft.com/en-us/library/67ef8sbd.aspx">C#</a> for cross-platform server-side code</li><li><a href="https://facebook.github.io/react/">React</a> for client-side code</li><li><a href="http://getbootstrap.com/">Bootstrap</a> for layout and styling</li></ul><p>To help you get started, we have also set up:</p><ul><li><strong>Client-side navigation</strong>. For example, click <em>Counter</em> then <em>Back</em> to return here.</li><li><strong>Development server integration</strong>. In development mode, the development server from <code>create-react-app</code> runs in the background automatically, so your client-side resources are dynamically built on demand and the page refreshes when you modify any file.</li><li><strong>Efficient production builds</strong>. In production mode, development-time features are disabled, and your <code>dotnet publish</code> configuration produces minified, efficiently bundled JavaScript files.</li></ul><p>The <code>ClientApp</code> subdirectory is a standard React application based on the <code>create-react-app</code> template. If you open a command prompt in that directory, you can run <code>npm</code> commands such as <code>npm test</code> or <code>npm install</code>.</p></div></div></div></div>

        <!--
          This HTML file is a template.
          If you open it directly in the browser, you will see an empty page.
          You can add webfonts, meta tags, or analytics to this file.
          The build step will place the bundled scripts into the <body> tag.
          To begin the development, run `npm start` or `yarn start`.
          To create a production bundle, use `npm run build` or `yarn build`.
        -->
      
    </body></html>

<!-- end snippet -->

<style>.css1{color:red'}</style>