CSP compatibility

[anthonyryan1]

Transmission is going to be updating the WebUI to operate under a Content Security Policy in the future (see Transmission #5894). CSP imposes some constraints on the way things are coded in exchange for strong protection against XSS, Clickjacking and other kinds of malicious activity.

This pull request does the brunt of the work preparing Shift for these changes. The new rules that will apply to all future changes include:

• No eval() in javascript
• No style attributes in HTML
• No data URIs

To accomplish this, the following changes have been made:

• Hide the element using prototype rather than style="display: none;"
• Convert shift.png from data URI to static file and optimize
• Convert background gradient from data URI to CSS gradient

The only remaining problem is going to be with the riffwave javascript library that's included which generates data URIs. There are two solutions available here and I will be happy to implement either of them:

1. Include a .wav file and load it with javascript.
2. Use the new AudioContext API (does not support Internet Explorer yet, but will eventually).

Please let me know how you would like to proceed with the riffwave problem.

[killemov]

Thank you for you work. Upon your request I have removed some inline styles but i will keep the assets as-is for now.