Hi,
At first I thought it was Mitigate XSS Attacks with Content Security Policy but I read too fast
This might be a typeform issue, be sure to check typeform embeds and see if something has changed.
AFAIK allow-top-navigation-by-user-activation is something recent, far from being supported by every browsers.