Content Security Policy blocks script because of JSON.parse() or localStorage.getItem()

[raspi]

Firefox Content Security Policy gives this error:

SecurityError: The operation is insecure.

It gives reference to this line: https://github.com/Fugiman/deckmaster/blob/da99f7ceae6e8a7bb54eefba4f8b2704e4c0a32e/overlay/src/store.js#L32

which is

globalHide: JSON.parse(localStorage.getItem(globalHideKey)) || false,

[MarkRH]

I wondered why I couldn't get this working in Firefox 62 in a stream I was watching.

[MarkRH]

FYI, I got it working in Firefox 63 by allowing all 3rd-party cookies. Not sure if that security warning still applies now.