Re: Content Security Policy without unsafe-inline

[Lance Java]

If we were to use a token, care would need to be taken with token
generation such that it's not predictable. We don't want hackers
intercepting sensitive data meant for another client.