CSP support

[archfz]

Expected Behaviour

The most useful CSP rule for style is to disallow inline styles. This should work correctly with frappe charts.

Actual Behaviour

Styles are blocked and frappe charts is not working correctly.

Steps to Reproduce:

1. Use frappe charts.
2. Configure CSP and do not allow unsafe-inline:

 <meta http-equiv="Content-Security-Policy" content="style-src 'self' *.mydomain.ro mydomain.ro 'nonce-BnP58e96vet5BG2gurtvnauzi1PdyH7u'">

Frappé Charts version: 1.6.2

[scmmishra]

I don't have the bandwidth to take this up at the moment, if you could raise a PR fixing this, I'll be happy to review it

[DoodlesEpic]

Just a note for anyone passing by: If you cannot use 'unsafe-inline' because you have at least one hash on the style-src directive, then you have to add 'unsafe-hashes' to the style-src directive and hardcode the hashes that Chromium dev tools give you to the style-src directive. Really not ideal but better than having to disable it completely. You could also do this instead of adding 'unsafe-inline' as I believe it better makes use of the csp.