datatables_view requires 'unsafe-inline' for both style and script under strict CSP #9180

@nzfarhad

When running datatables_view under a strict Content Security Policy (CSP) that disallows 'unsafe-inline', the view fails to function correctly. The dataset page itself loads, but the DataTables view does not render or populate data as expected.

This occurs on CKAN 2.11.3, where core templates no longer rely on inline JavaScript or CSS, indicating the issue originates in datatables_view and/or its JavaScript dependencies rather than CKAN core itself.

Steps to Reproduce:

  1. Install CKAN 2.11.3 with datatables_view enabled.
  2. Apply a strict CSP such as:
    default-src 'self';
    script-src 'self' 'unsafe-eval';
    style-src 'self';
    connect-src 'self';
  3. Open a dataset with a DataTables view.
  4. Observe that the DataTables UI does not function and CSP violations appear in the console.
  5. Add 'unsafe-inline' to both script-src and style-src.
  6. Reload the page — the DataTables view now works as expected.

Environment:

  • CKAN version: 2.11.3
  • Browser: Chrome and Firefox (both affected)
  • CSP enforced at: Nginx reverse proxy

Request:

Is there a planned roadmap or recommended approach to refactor datatables_view (and/or its dependencies) to avoid inline JavaScript and inline CSS so it can operate under a strict CSP without requiring 'unsafe-inline'?

Thank you
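
An added example, not part of the issue or of CKAN's code: a static audit of rendered HTML for the constructs that the policy in step 2 blocks when 'unsafe-inline' is absent from script-src and style-src. The names InlineAudit and audit and the sample page are constructed for illustration and say nothing about what datatables_view actually emits.

```python
from html.parser import HTMLParser

# Script types a browser executes; other types (e.g. application/json) are
# inert data blocks that script-src does not restrict.
EXECUTABLE_TYPES = {"", "text/javascript", "application/javascript", "module"}

class InlineAudit(HTMLParser):
    """Collect markup that a CSP without 'unsafe-inline' refuses to apply."""
    def __init__(self):
        super().__init__()
        self.findings = []  # (line, directive, description)

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]
        attrs = {k: (v or "") for k, v in attrs}
        if (tag == "script" and "src" not in attrs
                and attrs.get("type", "").strip().lower() in EXECUTABLE_TYPES):
            self.findings.append((line, "script-src", "inline <script> block"))
        if tag == "style":
            self.findings.append((line, "style-src", "inline <style> block"))
        for name, value in attrs.items():
            if name == "style":
                self.findings.append((line, "style-src", f"style attribute on <{tag}>"))
            elif name.startswith("on"):
                self.findings.append((line, "script-src", f"{name} handler on <{tag}>"))
            elif value.strip().lower().startswith("javascript:"):
                self.findings.append((line, "script-src", f"javascript: URL in {name} on <{tag}>"))

def audit(html):
    parser = InlineAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page; not taken from datatables_view or CKAN templates.
SAMPLE = """<html><head>
<link rel="stylesheet" href="/static/app.css">
<style>.dt-wrap { margin: 0 }</style>
<script src="/static/vendor.js"></script>
<script type="application/json" id="cfg">{"pageLength": 10}</script>
<script>initTable(document.getElementById("dt"));</script>
</head><body>
<table id="dt" style="width:100%"></table>
<button onclick="reload()">Reload</button>
<a href="javascript:void(0)">Export</a>
</body></html>"""
if __name__ == "__main__":
    for line, directive, what in audit(SAMPLE):
        print(f"line {line}: {directive} blocks {what}")
```

A static scan only sees markup present in the served HTML; style attributes or script elements that a library inserts at runtime show up in the browser console or in reports from a Content-Security-Policy-Report-Only header instead.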
