Description
Is your feature request related to a problem? Please describe.
A strict Content Security Policy (CSP) header is a crucial requirement for adhering to modern security standards. Currently, the Chaya UI injects <script> and <style> tags directly into the rendered HTML. This approach necessitates relaxing the CSP rules by adding unsafe-eval or unsafe-inline to the script-src-elem and style-src-elem directives. This relaxation is required for the client (browser) to correctly render the HTML, as the injected <style> and <script> tags lack the necessary nonce or hash attribute to verify the integrity.
Describe the solution you'd like
Introducing a nonce prop to the ChayaProvider component would enable Chaya UI to become CSP compliant. This would allow developers to specify a unique nonce value in their CSP header and pass it down to the Chaya UI components. By incorporating this nonce into the generated <script> and <style> tags, developers can maintain a strict and secure CSP while still utilizing the Chaya UI library effectively.
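The nonce flow this request describes, as an added example (not Chaya UI code, and not from the issue author): a server issues a fresh nonce per response, sends a CSP without `unsafe-inline` or `unsafe-eval`, and the injected `<script>` and `<style>` tags carry that nonce. The function names and the sample markup are assumptions made for illustration, and `stampNonce` only stands in for what a nonce-aware `ChayaProvider` would do when it injects its tags.

```javascript
// Web Crypto: global in current Node, otherwise taken from node:crypto.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

// Fresh, unpredictable nonce for every response (128 bits, base64).
function newNonce() {
  const bytes = webcrypto.getRandomValues(new Uint8Array(16));
  return Buffer.from(bytes).toString('base64');
}

// Strict policy: no 'unsafe-inline' or 'unsafe-eval'; inline elements
// are allowed only when they carry this response's nonce.
function buildCsp(nonce) {
  return [
    "default-src 'self'",
    `script-src-elem 'self' 'nonce-${nonce}'`,
    `style-src-elem 'self' 'nonce-${nonce}'`,
  ].join('; ');
}

// Matches opening <script>/<style> tags; group 2 holds the attributes.
const INLINE_TAG = /<(script|style)\b([^>]*)>/gi;

// Stand-in for a nonce-aware provider: stamp the nonce on injected tags.
function stampNonce(html, nonce) {
  return html.replace(INLINE_TAG, (tag, name, attrs) =>
    /\bnonce=/i.test(attrs) ? tag : `<${name} nonce="${nonce}"${attrs}>`);
}

// Audit helper: list the inline tags the policy above would block.
function blockedTags(html, nonce) {
  const blocked = [];
  for (const [tag, name, attrs] of html.matchAll(INLINE_TAG)) {
    // Same-origin external scripts are covered by 'self', not the nonce.
    const external = name.toLowerCase() === 'script' && /\bsrc=/i.test(attrs);
    if (!external && !attrs.includes(`nonce="${nonce}"`)) blocked.push(tag);
  }
  return blocked;
}

// Constructed sample of library-injected markup (not real Chaya UI output).
const SAMPLE = '<style>.btn{color:red}</style>' +
  '<script>window.__theme="dark"</script><script src="/app.js"></script>';
```

The value returned by `buildCsp` goes in the `Content-Security-Policy` response header, and the same nonce must never be reused across responses.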