Reader mode crashes on sites with a "sandbox" CSP directive

On websites with a sandbox CSP directive, the "Reader Mode" button isn't ever visible. If Reader Mode is forcibly invoked by prefixing the URL with ephy-reader:, Epiphany crashes with the following message:

(epiphany:2): epiphany-WARNING **: 10:18:48.370: Error running javascript: Cannot execute JavaScript in this document

(epiphany:2): epiphany-WARNING **: 10:19:01.703: Error running javascript: Cannot execute JavaScript in this document

Steps to reproduce:

1. Navigate to any page on https://seirdy.one
2. Prefix the URL with ephy-reader: and press Enter
3. Wait a few seconds and Epiphany will crash

All the pages on seirdy.one are also available on https://envs.net/~seirdy without a CSP header, and Reader Mode works as expected there.

This is the current CSP header:

content-security-policy: default-src 'none'; img-src 'self' data:; style-src 'sha256-U3qGsgQrv/WVcD8FbITGg2xHJ2BBlPeg3VtDpRzPIqM='; style-src-attr 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none'; manifest-src https://seirdy.one/manifest.min.ca9097c5e38b68514ddcee23bc6d4d62.webmanifest; upgrade-insecure-requests; navigate-to 'none'; sandbox allow-same-origin

If I alter the CSP header's sandbox directive to this:

sandbox allow-scripts

then Reader Mode works fine. I even see the button show up in the address bar.

For reference, all other browsers I've tried (Firefox, Chromium, Safari) can handle even an empty sandbox directive.