Merge pull request #16766 from nextcloud/fix/frame-src/no-nonce

frame-src doesn't respect the nonce attribute

lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php

@@ -494,9 +494,6 @@ class EmptyContentSecurityPolicy {
 
 		if(!empty($this->allowedFrameDomains)) {
 			$policy .= 'frame-src ';
-			if(is_string($this->useJsNonce)) {
-				$policy .= '\'nonce-' . base64_encode($this->useJsNonce) . '\' ';
-			}
 			$policy .= implode(' ', $this->allowedFrameDomains);
 			$policy .= ';';
 		}