A question about Content Security Policy (CSP)

I have a WordPress website and checked it with https://securityheaders.com/ and it show me an error about “Content Security Policy (CSP)” as below:

I added below line to “httpd.conf” file:

Header always set Content-Security-Policy "default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;"

But my website messed up! Why?
How can I solve it?

Thank you.