开发工具里会有这么一段提示。

The Content Security Policy (CSP) prevents the evaluation of arbitrary strings as JavaScript to make it more difficult for an attacker to inject unathorized code on your site.

To solve this issue, avoid using eval(), new Function(), setTimeout([string], ...) and setInterval([string], ...) for evaluating strings.

If you absolutely must: you can enable string evaluation by adding unsafe-eval as an allowed source in a script-src directive.

⚠️ Allowing string evaluation comes at the risk of inline script injection

其中：

If you absolutely must: you can enable string evaluation by adding unsafe-eval as an allowed source in a script-src directive.

请问这句话是什么意思，按这句话的意思看，好像又是有方法可以启用eval？