The unsafe-hashes Content Security Policy (CSP) keyword allows the execution of inline scripts within a JavaScript event handler attribute of a HTML element. Warning Whenever you see the prefix unsafe in a CSP keyword, that means that using this is not the most secure way to go.
It is better to refactor your code to avoid using HTML event handler attributes (such as onload, onclick, onmouseover .....
