[WebProfilerBundle] Fix content-security-policy compatibility

This fixes the compatibility of the bundle in case of a `style-src 'self'` policy.

src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar.html.twig

@@ -4,9 +4,6 @@
         {{ include('@WebProfiler/Icon/symfony.svg') }}
     </a>
 </div>
-<style{% if csp_style_nonce %} nonce="{{ csp_style_nonce }}"{% endif %}>
-    {{ include('@WebProfiler/Profiler/toolbar.css.twig', { 'position': position, 'floatable': true }) }}
-</style>
 <div id="sfToolbarClearer-{{ token }}" class="sf-toolbar-clearer"></div>
 
 <div id="sfToolbarMainContent-{{ token }}" class="sf-toolbarreset clear-fix" data-no-turbolink>

src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/toolbar_js.html.twig

@@ -1,5 +1,8 @@
 <div id="sfwdt{{ token }}" class="sf-toolbar sf-display-none"></div>
 {{ include('@WebProfiler/Profiler/base_js.html.twig') }}
+<style{% if csp_style_nonce %} nonce="{{ csp_style_nonce }}"{% endif %}>
+    {{ include('@WebProfiler/Profiler/toolbar.css.twig', { 'position': position, 'floatable': true }) }}
+</style>
 <script{% if csp_script_nonce %} nonce={{ csp_script_nonce }}{% endif %}>/*<![CDATA[*/
     (function () {
         {% if 'top' == position %}

src/Symfony/Bundle/WebProfilerBundle/Tests/Controller/ProfilerControllerTest.php

@@ -157,9 +157,9 @@ class ProfilerControllerTest extends TestCase
         if ($withCSP) {
             $nonceGenerator = $this->getMockBuilder('Symfony\Bundle\WebProfilerBundle\Csp\NonceGenerator')->getMock();
 
-            return new ProfilerController($urlGenerator, $profiler, $twig, array(), 'normal', new ContentSecurityPolicyHandler($nonceGenerator));
+            return new ProfilerController($urlGenerator, $profiler, $twig, array(), 'bottom', new ContentSecurityPolicyHandler($nonceGenerator));
         }
 
-        return new ProfilerController($urlGenerator, $profiler, $twig, array(), 'normal');
+        return new ProfilerController($urlGenerator, $profiler, $twig, array());
     }
 }