This reverts commit 9d8777d5.

Disabling minification showed the error specifically on the very first line:
"<!doctype html>".

It shows up in Chrome as:

The Content-Security-Policy directive 'worker-src' is implemented behind a flag
which is currently disabled.

The same shows in Firefox as:

Content Security Policy: The page’s settings observed the loading of a resource
at self (“script-src”). A CSP report is being sent. Source: ;undefined.

The exact same error shows on https://vincent.bernat.im/en and
https://www.josephearl.co.uk/.

Oddly Google search for those errors did not return anything useful.. mystery..