Per F2F discussion , consider extending this specification to support integrity metadata on inline scripts(/styles?).

This also implies that require-sri-for will enforce integrity metadata on both inline and external resources types.

WDYT @metromoxie, @devd, @mozfreddyb, @fmarier ?