[lightbox-gallery] Plug-in forces enabling script-src unsafe-inline in CSP.

[Eihrister]

Hello!

Trying to clean up my Content-Security-Policy header from unsafe stuff, I found that this plug-in inserts in-line scripting into pages.
This results in me being forced to add "unsafe-inline" to the "script-src".

If it's not too much trouble, I'd prefer it if the code could be moved to a seperate .js file instead :)

[rhukster]

Complicated, inline JS allows us to use twig in the JS to set stuff.. making it external makes this much more complicated as you have to pass stuff in via data attributes or another inline JS which negates the benefits