Unable to view diff in Safari browser only, problem with security policy

Summary

In merge request, the diff view of the changes does not work in Safari (latest available) browser. In Chrome and Firefox this works fine.

Steps to reproduce

Open a merge request and click on Changes.

What is the current bug behavior?

Safari gives following error in the debugger console:

Error] Refused to load https://<gitlab-server>/assets/webpack/tree_worker.9e6d2455.worker.js because it does not appear in the child-src directive of the Content Security Policy.
[Error] SecurityError: The operation is insecure. — pointRadial.js:2
	Gt (main.a92e72ff.chunk.js:108:11716)
	Vt (main.a92e72ff.chunk.js:108:11629)
	Ut (main.a92e72ff.chunk.js:108:11279)
	zt (main.a92e72ff.chunk.js:108:11481)
	nn (main.a92e72ff.chunk.js:108:25343)
	insert (main.a92e72ff.chunk.js:108:20348)
	E (main.a92e72ff.chunk.js:108:60189)
	(anonymous function) (main.a92e72ff.chunk.js:108:61542)
	(anonymous function) (main.a92e72ff.chunk.js:108:34472)
	r (main.a92e72ff.chunk.js:108:68211)
	(anonymous function) (main.a92e72ff.chunk.js:108:26776)
	mn (main.a92e72ff.chunk.js:108:26693)
	(anonymous function) (main.a92e72ff.chunk.js:108:68234)
	(anonymous function) (main.a92e72ff.chunk.js:108:32976)
	Sn (main.a92e72ff.chunk.js:108:30332)
	(anonymous function) (pages.projects.merge_requests.show.63e826ef.chunk.js:4:1228401)
	(anonymous function) (pages.projects.merge_requests.show.63e826ef.chunk.js:4:1230389)
	g7k4 (pages.projects.merge_requests.show.63e826ef.chunk.js:4:1230401)
	c (runtime.faaece56.bundle.js:1:566)
	(anonymous function) (pages.projects.merge_requests.show.63e826ef.chunk.js:1:79599)
	c (runtime.faaece56.bundle.js:1:566)
	a (runtime.faaece56.bundle.js:1:432)
	r (runtime.faaece56.bundle.js:1:295)
	Global Code (pages.projects.merge_requests.show.63e826ef.chunk.js:1)

What is the expected correct behavior?

Showing the diffs in Safari

Relevant logs and/or screenshots

image

Output of checks

Nothing

Results of GitLab environment info

System information
System:
Current User:	git
Using RVM:	no
Ruby Version:	2.7.2p137
Gem Version:	3.1.4
Bundler Version:2.1.4
Rake Version:	13.0.3
Redis Version:	6.0.12
Git Version:	2.31.1
Sidekiq Version:5.2.9
Go Version:	unknown

GitLab information
Version:	13.12.0
Revision:	e1c4542b0f1
Directory:	/opt/gitlab/embedded/service/gitlab-rails
DB Adapter:	PostgreSQL
DB Version:	12.6
URL:		https://git.threema.ch
HTTP Clone URL:	https://git.threema.ch/some-group/some-project.git
SSH Clone URL:	git@git.threema.ch:some-group/some-project.git
Using LDAP:	no
Using Omniauth:	yes
Omniauth Providers:

GitLab Shell
Version:	13.18.0
Repository storage paths:
- default: 	/var/opt/gitlab/git-data/repositories
GitLab Shell path:		/opt/gitlab/embedded/service/gitlab-shell
Git:		/opt/gitlab/embedded/bin/git

Results of GitLab application Check

We are using latest 13.12.0 version. And the problem appeared in this version!