fix csp errors in with-strict-csp-app example (#14262)

Added proper content security policies in the dev environment 
fixes: #14221

Author: darshkpatel

examples/with-strict-csp/pages/_document.js

@@ -6,12 +6,16 @@ const cspHashOf = (text) => {
   hash.update(text)
   return `'sha256-${hash.digest('base64')}'`
 }
-
 export default class MyDocument extends Document {
   render() {
-    const csp = `default-src 'self'; script-src 'self' ${cspHashOf(
+    let csp = `default-src 'self'; script-src 'self' ${cspHashOf(
       NextScript.getInlineScriptSource(this.props)
     )}`
+    if (process.env.NODE_ENV !== 'production') {
+      csp = `style-src 'self' 'unsafe-inline'; font-src 'self' data:; default-src 'self'; script-src 'unsafe-eval' 'self' ${cspHashOf(
+        NextScript.getInlineScriptSource(this.props)
+      )}`
+    }
 
     return (
       <html>