Add nonce attribute to all scripts in wrapper

src/Ui/template/wrapper.html

@@ -14,7 +14,7 @@
 <noscript>
 <div class="unsupported"><h3>ZeroNet requires JavaScript support.</h3>If you use NoScript: Click on toolbar icon and choose the "Temporary allow all this page" option.</div>
 </noscript>
-<script>
+<script nonce="{script_nonce}">
 // If we are inside iframe escape from it
 if (window.self !== window.top) {
 	window.open(window.location.toString().replace(/([&?])wrapper=False/, "$1").replace(/&$/, "").replace(/[&?]wrapper_nonce=[A-Za-z0-9]+/, ""), "_top");
@@ -64,7 +64,7 @@ else if (window.opener && window.opener.location.toString()) {
 <iframe src='about:blank' id='inner-iframe' sandbox="allow-forms allow-scripts allow-top-navigation allow-popups allow-modals allow-presentation {sandbox_permissions}" allowfullscreen="true" webkitallowfullscreen="true" mozallowfullscreen="true" oallowfullscreen="true" msallowfullscreen="true"></iframe>
 
 <!-- Site info -->
-<script id="script_init">
+<script id="script_init" nonce="{script_nonce}">
 document.getElementById("inner-iframe").src = "{file_url}{query_string}"
 address = "{address}"
 wrapper_nonce = "{wrapper_nonce}"
@@ -82,7 +82,7 @@ if (typeof WebSocket === "undefined") {
 	document.body.appendChild(tag)
 }
 </script>
-<script type="text/javascript" src="/uimedia/all.js?rev={rev}&lang={lang}"></script>
-<script>setTimeout(window.wrapper.onWrapperLoad, 1)</script>
+<script type="text/javascript" src="/uimedia/all.js?rev={rev}&lang={lang}" nonce="{script_nonce}"></script>
+<script nonce="{script_nonce}">setTimeout(window.wrapper.onWrapperLoad, 1)</script>
 </body>
 </html>