- Bug
- Resolution: Not A Defect
- Critical
- None
Hi Team, we are using Jenkins version 2.426.1. We are running Jenkins on APP servers, and for the purpose of security we are hosting it with the help of a WEB server. In the httpd config, as per the security standards, we are adding some security headers. Likewise, for the Content Security Policy header, we should not use unsafe-eval or unsafe-inline in the header, but the current header we are using is "script-src 'self' 'unsafe-eval' 'unsafe-inline' .example.com; frame-ancestors 'self https://.example.com; reflected-xss;".
If we remove unsafe-eval and unsafe-inline from the header, the application does not work properly: the layout and group categorization and the Active Choice and Active Choice Reactive parameters do not work, and the scroll bars and other CSS get disabled. Please find the pictures for understanding.
But as per our security standards we should not be using them. Please help us: what can we do in this case?