Fixes Content-security-Policies bug #14846

[Qui-mey]

Changed innerHTML injection to textContent. innerHTML is not parsed as HTML, so it does not violate the CSP.

Fixes bug for issue: #14846
Suggested fix from: #12855

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

1 Ignored Deployment

Name	Status	Preview	Comments	Updated (UTC)
primeng	⬜️ Ignored (Inspect)	Visit Preview		Feb 21, 2024 1:36pm

[Qui-mey]

This issue is more complex and requires more changes. The problem is that a style element is created and appended to the head of the document without a nonce. More components suffer from this issue. PrimeNG should be able to apply the nonce to all its components' dynamic style elements via a service of some sort. It should be made compatible with Angular 16's ngCspNonce.