cryptpad - fixed unsafe csp header directives for sandbox (#24)

Co-authored-by: muppeth <muppeth@disroot.org>
Reviewed-on: #24
Reviewed-by: meaz <meaz@no-reply@disroot.org>

templates/etc/nginx/sites-available/cryptpad.j2

@@ -91,7 +91,7 @@
 
   # privileged contexts allow a few more rights than unprivileged contexts, though limits are still applied
   if ($unsafe) {
-    set $scriptSrc "'self' 'unsafe-eval' 'unsafe-inline' resource: ${main_domain}";
+    set $scriptSrc "'self' 'unsafe-eval' 'unsafe-inline' resource: https://${main_domain}";
   }
 
   # Finally, set all the rules you composed above.