CSP not applying to Admin area

Hi there,

For some reason it does not seem like my CSP rules are applying to my admin area.

I have "script-src * 'self' blob: 'unsafe-inline' 'unsafe-eval'" setup in the plugin, and when I go to https://securityheaders.com/ it reports as set as such BUT DevTools in my admin area keeps reporting "script-src * 'self' 'unsafe-inline' 'unsafe-eval'"

Any ideas?