Don't warn for 'unsafe-inline' if hash or nonce present in applicable directive

[aidantwoods]

E.g.

https://www.w3.org/TR/CSP2/#directive-script-src

If 'unsafe-inline' is not in the list of allowed script sources, or if at least one nonce-source or hash-source is present in the list of allowed script sources:[...]

As mentioned in #71.