Support CSP properly

[gernotkogler]

If you configure default-src 'self' data:; for content-security-policy, error_tracker does not work and does not apply the css. In order to make it work, you have to add style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; to you csp config.

unsafe-inline is not an option that you want in your csp.

[crbelaus]

We may need to support the csp_nonce_assign_key just like Oban Web and Phoenix LiveDashboard do.

[crbelaus]

@gernotkogler this should be fixed on #61, which implements csp_nonce_assign_key as an option when mounting the dashboard.

[odarriba]

The change is in main branch right now and will be included in next release @gernotkogler

[gernotkogler]

Very cool 💪