feat: enhance CSP bypass with comprehensive directive fixing and simplified HTML parsing

Improve Content Security Policy bypass functionality with enhanced directive handling:

**Key Improvements:**
- **Comprehensive CSP Fixing**: Add \_fixCSP()\ method for intelligent CSP directive modification
- **Meta Tag Support**: Extend CSP bypass to handle CSP meta tags in HTML content
- **HTML Entity Handling**: Add proper decoding/encoding of HTML entities in meta tags
- **Simplified HTML Parsing**: Replace complex regex with efficient indexOf/slice operations
- **Improved Injection Logic**: Refactor script injection to use consistent nonce-based approach

**Technical Changes:**

**New \_fixCSP()\ Method:**
- Parse CSP directives intelligently with proper whitespace handling
- Add nonce support for script-src when available
- Enable unsafe-eval for scripts and unsafe-inline for styles
- Allow data: URLs for images and fonts
- Enable WebSocket connections (ws:, wss:)
- Relax frame-ancestors restrictions
- Preserve existing directives while adding necessary permissions

**Enhanced \ulfill()\ Method:**
- Extract existing nonces from CSP headers and meta tags
- Process both HTTP headers and HTML meta tags for CSP
- Decode HTML entities in meta tag content before processing
- Re-encode CSP content for proper HTML output
- Generate secure base64 nonces when none exist
- **Replace regex-based HTML parsing with indexOf/slice for better performance**
- Improve HTML parsing reliability with simpler string operations

This provides more robust CSP bypass capabilities across different CSP implementations while maintaining security through proper nonce usage and improved performance through simplified HTML parsing.