Sourcegraph console warnings on Firefox

Description

With Sourcegraph enabled in user preferences, there's some strange console warnings popping up.

Warning 1 - CSP

I think some of our own scripts are also causing other instances of this one 👇

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified

Warning 2 - Character encoding

The character encoding of a framed document was not declared. The document may appear different if viewed without the document framing it.

It seems like this comes from the extensionHostFrame.html 🤔

/cc @felixfbecker @christinaforney