fix: modify CSP to allow connect-src blob

[weareoutman]

Updated Content Security Policy to include 'blob' in connect-src.

Fixing #548

Description

Fixes #

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings

[weareoutman]

@kfiven Hi, GitHub Actions were failed, I suggest to disable updater for forked PRs. For outside PRs, you don't want them to release packages with your own keys.

A possible config could be:

      # Before tauri-apps/tauri-action
      - name: Disable Updater for Fork PRs
        if: github.event.pull_request.head.repo.fork == true
        run: |
          echo "TAURI_CONFIG={\"plugins\": {\"updater\": {\"pubkey\": \"\"}}}" >> $GITHUB_ENV

[kfiven]

Thanks for this and changes to ci!