add 'resource:' to script-src to enable shared-worker debugging in firefox

docs/example.nginx.conf

@@ -96,7 +96,7 @@ server {
     set $workerSrc  "https://${main_domain}";
 
     # script-src specifies valid sources for javascript, including inline handlers
-    set $scriptSrc  "'self' ${main_domain}";
+    set $scriptSrc  "'self' resource: ${main_domain}";
 
     set $unsafe 0;
     # the following assets are loaded via the sandbox domain
@@ -110,7 +110,7 @@ server {
 
     # privileged contexts allow a few more rights than unprivileged contexts, though limits are still applied
     if ($unsafe) {
-        set $scriptSrc "'self' 'unsafe-eval' 'unsafe-inline' ${main_domain}";
+        set $scriptSrc "'self' 'unsafe-eval' 'unsafe-inline' resource: ${main_domain}";
     }
 
     # Finally, set all the rules you composed above.