noscript-marker CSP warnings in the console

Response headers:

content-length	54
content-security-policy	noscript-marker;media-src 'none', noscript-marker;media-src 'none', noscript-marker;media-src 'none'
content-type	application/json

@ma1: are you sure it works as expected?