Run steps 1-10 in this post (https://digitalstartup.co.uk/t/how-to-prepare-magento-2-3-for-2-4/1812). I usually find these commands thoroughly flush everything during an install. Kind of like my “Holy Grail”.
If that fails, fall back to the original csp_whitelist.xml and double check your custom edits. And run in Report Only mode to see if you’ve addressed all the CSPs before Enforcing anything.
I’ve not tested this with 2.4.x, so if Magento core code now includes something extra then I’ll update the module to include a new rule default.