Hello, I’m getting this error in my console when visiting the official site of my company’s app, but when I run the app locally it is fine.

[Report Only] Refused to connect to 'data:image/svg+xml;utf8,<svg xmlns='' class='ionicon' viewBox='0 0 512 512'><title>Chevron Forward</title><path stroke-linecap='round' stroke-linejoin='round' stroke-width='48' d='M184 112l144 144-144 144' class='ionicon-fill-none'/></svg>' because it violates the following Content Security Policy directive: "connect-src 'self'                      https:                      wss:".

I did some research and I think it is due to the fact that my connect-src directive is set to self, so that means resources can only be from the same origin or port, so that’s why the error is thrown on the app site. I read another thread saying that just adding 'self' data: * to the CSP meta tag fixes that problem, but I read this was not the best approach because it isn’t that safe: it allows XSS vulnerabilities to be opened up, as data: can handle any URI, and I saw that in the documentation too (CSP source values - HTTP | MDN). The problem is the policy for data limited resources to svg, because my icons are being downloaded from an external source. What would be the best option to set as source on my connect-src directive?
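
Added example, not part of the original post: a simplified model of how a browser matches a request URL against a `connect-src` source list, run on the policy from the error message and on two variants. The origin `https://app.example`, the icon URL and the function names are constructed for illustration; wildcard hosts, paths and ports are not modelled.

```javascript
// Simplified CSP source-list matching for connect-src (illustrative model only).
// Handles 'self', scheme sources (https:, data:), "*" and full-origin host sources.
const NETWORK_SCHEMES = new Set(["http:", "https:", "ws:", "wss:"]);

// Return the source expressions of one directive, or null if it is absent.
function getSources(policy, directive) {
  for (const part of policy.split(";")) {
    const [name, ...sources] = part.trim().split(/\s+/);
    if (name.toLowerCase() === directive) return sources;
  }
  return null;
}

function sourceMatches(source, url, selfOrigin) {
  const s = source.toLowerCase();
  if (s === "'self'") return url.origin === selfOrigin;
  // "*" covers network schemes only; it does not match data:, blob: or filesystem:
  if (s === "*") return NETWORK_SCHEMES.has(url.protocol);
  // Scheme source: exact comparison here (browsers also let http: match https:)
  if (/^[a-z][a-z0-9+.-]*:$/.test(s)) return url.protocol === s;
  // Host source written as a full origin, e.g. https://icons.example
  try { return new URL(s).origin === url.origin; } catch { return false; }
}

function isConnectAllowed(policy, rawUrl, selfOrigin) {
  // connect-src falls back to default-src; with neither present nothing is restricted
  const sources = getSources(policy, "connect-src") ?? getSources(policy, "default-src");
  if (sources === null) return true;
  const url = new URL(rawUrl);
  return sources.some((src) => sourceMatches(src, url, selfOrigin));
}

const SELF = "https://app.example"; // constructed origin
const ICON = "data:image/svg+xml;utf8,<svg viewBox='0 0 512 512'></svg>"; // constructed
const PAGE_POLICY = "connect-src 'self' https: wss:"; // directive from the error message

function demo() {
  return {
    pagePolicy: isConnectAllowed(PAGE_POLICY, ICON, SELF),
    withStar: isConnectAllowed("connect-src 'self' *", ICON, SELF),
    withData: isConnectAllowed("connect-src 'self' https: wss: data:", ICON, SELF),
    apiCall: isConnectAllowed(PAGE_POLICY, "https://api.example/v1", SELF),
  };
}
console.log(demo());
```

In this model only a source list that names the `data:` scheme matches the inline SVG URL; `'self'`, `https:`, `wss:` and `*` do not.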