Fix CSP in admin to allow django's jsi18n admin view as a script

[diox]

Fixes mozilla/addons#15832

Testing

• This should fix built-in datetime widgets in the admin. Without this change, everywhere you can modify a datetime that we haven't customized, you would have to enter the date & time manually. Now you get a fancy widget. The change waffle switch page has those for created&modified dates for instance
• This should fix the number of items selected not updating at the top of the list (0 of 100 selected), for changelist pages that display checkboxes, such as the user profiles admin changelist.

[eviljeff]

I can't get this to work on the waffle switch change page - the date widgets are still manual text, and http://olympia.test/en-GB/admin/models/jsi18n/ (in my case) is still blocked due to CSP.

the csp header in the html was:

frame-src https://www.recaptcha.net/recaptcha/; script-src https://.google-analytics.com https://.googletagmanager.com https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/ http://olympia.test/static-server/ http://www.google-analytics.com; img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/ https://.google-analytics.com https://.googletagmanager.com http://olympia.test/user-media/ http://olympia.test/static-server/ http://www.google-analytics.com; style-src 'unsafe-inline' https://addons.mozilla.org/static-server/ http://olympia.test/static-server/; child-src https://www.recaptcha.net/recaptcha/; connect-src 'self' https://.google-analytics.com https://.analytics.google.com https://*.googletagmanager.com http://olympia.test; media-src https://videos.cdn.mozilla.net; object-src 'none'; form-action 'self'; font-src 'self' https://addons.mozilla.org/static-server/ http://olympia.test/static-server/; default-src 'none'; report-uri /csp-report

[eviljeff]

can haz l10n, por favor

[eviljeff]

Ah, this is it. It's hard-coded to en-US.