gatsby-plugin-csp

CSP meta `content` is escaped

Open vcarl opened this issue 5 years ago • 2 comments

A production build puts the following in my head, as seen in curl:

```html
<meta
  http-equiv="Content-Security-Policy"
  content="script-src &#x27;self&#x27; &#x27;sha256-<hash>&#x27; &#x27;<hash>&#x27;;"
/>
```

The `'`s are being escaped to `&#x27;`, which is breaking the CSP. It looks like `createElement` is escaping the HTML entities, so this meta tag might need to be constructed a different way.

vcarl, Sep 05 '19 18:09

Been beating my head against this since opening the issue, am not sure what a fix is. I'm flat not able to get this package to work, I'm curious if there's a workaround I'm not seeing.

There's a confluence that makes this hard to fix: React doesn't support top-level `dangerouslySetInnerHTML`, and `<meta>` tags can't be nested within another tag. Drawing a blank on any other ways to ensure this property doesn't get escaped.

vcarl, Sep 05 '19 19:09

Hi, I'm getting the same issue with the ' in the ' ' place... Any news about this issue?
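
An added check, not code from this issue or from gatsby-plugin-csp: HTML parsers decode character references inside attribute values, so the policy a user agent works with is the decoded `content` string rather than the bytes curl prints. This Python sketch extracts that decoded policy from a page and flags source expressions that are still malformed, for example after double escaping. The sample markup, the hash value and all function names are constructed for illustration.

```python
from html.parser import HTMLParser

class CSPMetaExtractor(HTMLParser):
    """Collects the content of each <meta http-equiv="Content-Security-Policy">."""
    def __init__(self):
        super().__init__()
        self.policies = []

    def handle_starttag(self, tag, attrs):
        # html.parser passes attribute values with character references decoded.
        a = {k.lower(): (v or "") for k, v in attrs}
        if tag == "meta" and a.get("http-equiv", "").lower() == "content-security-policy":
            self.policies.append(a.get("content", ""))

def parse_policy(policy):
    """Split a serialized policy into {directive: [source expressions]}."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:  # the first occurrence of a directive name wins
            directives.setdefault(tokens[0].lower(), tokens[1:])
    return directives

KEYWORDS = {"self", "none", "unsafe-inline", "unsafe-eval", "strict-dynamic"}
QUOTED_PREFIXES = ("sha256-", "sha384-", "sha512-", "nonce-")

def malformed_sources(directives):
    """Heuristic: sources that still carry '&' or lack their required single quotes."""
    bad = []
    for name, sources in directives.items():
        for s in sources:
            bare = s.strip("'")
            quoted = len(s) >= 2 and s[0] == s[-1] == "'"
            needs_quotes = bare in KEYWORDS or bare.startswith(QUOTED_PREFIXES)
            if "&" in s or (needs_quotes and not quoted):
                bad.append((name, s))
    return bad

def audit(html_text):
    """Return [(directives, malformed sources)] for every CSP meta tag found."""
    parser = CSPMetaExtractor()
    parser.feed(html_text)
    parser.close()
    return [(parse_policy(p), malformed_sources(parse_policy(p))) for p in parser.policies]

# Constructed samples; the hash is a placeholder, not a value from the issue.
HASH = "sha256-" + "A" * 43 + "="
SERVED = f'<meta http-equiv="Content-Security-Policy" content="script-src &#x27;self&#x27; &#x27;{HASH}&#x27;;" />'
DOUBLE = SERVED.replace("&", "&amp;")  # the same tag escaped a second time
```

Feeding saved curl output to `audit()` shows the policy as a parser reads it; a non-empty second element in a result tuple marks sources that need attention.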