Remove `unsafe-inline` from the CSP
unsafe-inline
is ignored if a nonce or a hash is present and we always have one in our CSP. This is a legacy backward-compatibility thing that we don't need anymore. Security scanners often raised this as a security concern so we should remove it to avoid generating noise from scanners.
Edited by Dominic Couture