SpacingBat3 / WebCord

A Discord and SpaceBar Electron-based client implemented without Discord API.
MIT License

Custom CSP configurable by the user #532

Open Janrupf opened 6 months ago

Janrupf commented 6 months ago

Description

At the moment WebCord provides a reasonable set of built-in CSP rules that can be enabled and disabled. However, when adding custom themes, one may want to allow further domains.

Suggestions

Add the option to write custom CSP rules in order to add more domains to the allowlist.

This should probably clearly warn the user that it reduces security and that they should never paste in random stuff.

Alternatives

The theme could be patched so as not to require online resources.

Additional Context

Clear Vision is a custom Discord theme which claims to be "auto updating" - in reality this means they @import the actual theme, and the CSS file you download is just a kind of configuration file. Additionally it also loads some icons from custom domains.
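One way such a user-configurable allowlist could be validated before it is merged into the policy, as an added example that is not WebCord's own code: only bare `https://` origins are accepted, they are added only to the resource directives a theme can legitimately need (`img-src`, `font-src`, `style-src`), and `script-src` is never extended, so pasting `'unsafe-inline'`, `data:` or `*` is refused rather than silently weakening the CSP. The base policy, the function names and the set of extendable directives are assumptions for illustration.

```javascript
// Added example (not WebCord code): merge user-supplied origins into a base CSP
// while refusing entries that would weaken it. The base policy, the function names
// and the set of extendable directives are assumptions for illustration.

// Only a bare https origin, optionally with a leading "*." wildcard label, is accepted.
// Anything else (data:, 'unsafe-inline', paths, a lone "*", http://) is rejected.
const ORIGIN_RE = /^https:\/\/(\*\.)?([a-z0-9-]+\.)+[a-z]{2,}(:\d{1,5})?$/i;

// Directives a theme can legitimately need; script-src is deliberately not extendable.
const THEME_DIRECTIVES = new Set(["img-src", "font-src", "style-src"]);

// Parse "name value value; name value" into an insertion-ordered Map.
function parseCsp(policy) {
  const directives = new Map();
  for (const part of policy.split(";")) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const [name, ...values] = tokens;
    directives.set(name.toLowerCase(), values);
  }
  return directives;
}

function serializeCsp(directives) {
  return [...directives].map(([name, values]) => [name, ...values].join(" ")).join("; ");
}

// Returns { policy, rejected }: the extended policy string and the user entries
// that were refused. A directive missing from the base policy starts from a copy of
// default-src, mirroring CSP's own fallback, so adding to it does not drop 'self'.
function extendCsp(basePolicy, userEntries) {
  const directives = parseCsp(basePolicy);
  const rejected = [];
  for (const entry of userEntries) {
    const trimmed = entry.trim();
    if (!ORIGIN_RE.test(trimmed)) {
      rejected.push(trimmed);
      continue;
    }
    for (const name of THEME_DIRECTIVES) {
      const values = directives.get(name) ?? [...(directives.get("default-src") ?? ["'self'"])];
      if (!values.includes(trimmed)) values.push(trimmed);
      directives.set(name, values);
    }
  }
  return { policy: serializeCsp(directives), rejected };
}

// Constructed sample: a base policy plus a mix of sane and dangerous user entries.
const SAMPLE_BASE = "default-src 'self'; img-src 'self' https://cdn.discordapp.com; script-src 'self'";
const SAMPLE_USER_ENTRIES = ["https://cdn.example.com", "data:", "'unsafe-inline'", "http://evil.example", "*"];
```

The `rejected` list is what the UI would surface to the user next to the warning the issue asks for; the caller decides whether to apply the policy with the accepted entries only or to refuse the whole configuration.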

Janrupf commented 6 months ago

After a bit of reading through WebCord's source code I noticed it actually handles @imports. So the theme actually broke because of url(...) referencing external images. Maybe these could be substituted in a similar way as imports by converting them to data URIs?
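The substitution suggested above, as an added example that is not WebCord's code and makes no claim about how WebCord handles @import: every `url(...)` in the theme that points at an http(s) resource is fetched and replaced by a `data:` URI, so the theme no longer needs those origins in the CSP allowlist. The fetcher interface is an assumption and is synchronous here so the example runs offline; a real implementation would fetch asynchronously and would want a size cap. `data:` and relative references are left untouched, and references the fetcher cannot serve are reported rather than silently kept.

```javascript
// Added example (not WebCord code): rewrite external url(...) references in a theme's
// CSS into data: URIs. The fetcher interface, the sample theme and the sample store
// are assumptions/constructed data for illustration.

// Matches url(ref), url('ref') and url("ref"); group 2 is the reference itself.
const URL_RE = /url\(\s*(['"]?)([^'")\s]+)\1\s*\)/gi;

// Build a data: URI from fetched bytes. mime is what the fetcher reports (Content-Type).
function toDataUri(mime, bytes) {
  return `data:${mime};base64,${Buffer.from(bytes).toString("base64")}`;
}

// fetcher(url) -> { mime, bytes } or null. Only http(s) references are inlined;
// data: and relative URLs are returned as-is. Returns { css, unresolved } where
// unresolved lists the external references the fetcher could not serve.
function inlineCssUrls(css, fetcher) {
  const unresolved = [];
  const rewritten = css.replace(URL_RE, (match, quote, ref) => {
    if (!/^https?:\/\//i.test(ref)) return match;
    const res = fetcher(ref);
    if (!res) {
      unresolved.push(ref);
      return match;
    }
    return `url("${toDataUri(res.mime, res.bytes)}")`;
  });
  return { css: rewritten, unresolved };
}

// Constructed sample: a theme referencing two remote icons (one unavailable) and one
// already-inlined data: image.
const SAMPLE_THEME = `
.icon { background: url("https://icons.example.com/a.svg") no-repeat; }
.logo { background-image: url(https://icons.example.com/missing.png); }
.local { background: url(data:image/gif;base64,R0lGODlhAQABAAAAACw=); }
`;

// Constructed stand-in for network fetches: only a.svg is "online".
const SAMPLE_STORE = {
  "https://icons.example.com/a.svg": { mime: "image/svg+xml", bytes: Buffer.from("<svg/>") },
};
const sampleFetcher = (url) => SAMPLE_STORE[url] ?? null;
```

Anything left in `unresolved` is exactly the set of origins the user would otherwise have to add to the CSP by hand, which makes it a useful list to show alongside the warning from the original suggestion.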