Fix hydrogen plots e.g. plotly, altair

[asiloisad]

The Content Security Policy block hydrogen-next interactive elements generated by e.g. plotly, altair. It's old issue inherited from old days of hydrogen nteract/hydrogen#1896 (comment).

Reproduce steps:

1. Install hydrogen or hydrogen-next
2. Install Python, IPython & kernel
3. Create Python file
4. Paste example code

   import altair as alt
   import numpy as np
   import pandas as pd
   
   x = np.arange(100)
   source = pd.DataFrame({
     'x': x,
     'f(x)': np.sin(x / 5)
   })
   
   alt.Chart(source).mark_line().encode(
       x='x',
       y='f(x)'
   )

5. Start kernel & run all

Tested in dev build.

[savetheclocktower]

Don't let me forget about this PR… but it feels like a bit of a scary change, so I'd like to do a little bit of research to make sure this doesn't open a Pandora's Box somehow.

[asiloisad]

I will be glad if this pr land and restore Vega plots atom/atom#14761. A scripts-src has been explained here

[mauricioszabo]

I don't think this is too scary. We have way more dangerous things that we support in Pulsar, and that's the price we pay for "hackability" (if that's even a word).

I am kind of curious why we can't plot in Hydrogen, because I do plot in my own plug-in Lazuli, but maybe I'm using a different way to evaluate code 🤔