specify a ng-csp attribute so Angular doesn't autodetect

without this, we're getting a false positive log message about an unsafe
eval (which is *actually* just angular auto-detecting whether or not
eval is supported)

awx/ui/client/index.template.ejs

@@ -1,5 +1,5 @@
 <!DOCTYPE html>
-<html>
+<html ng-csp="no-unsafe-eval">
 
 <head>
     <meta charset="utf-8">