Description

When using <u-combobox> and <u-datalist> in applications with strict Content Security Policy (CSP) that disables unsafe-inline for styles, the components fail to work properly because inline styles are blocked.

Current Behavior

The components apply inline styles dynamically to DOM elements, which are blocked when CSP style-src directive doesn't include 'unsafe-inline'. This breaks functionality like dropdown positioning and visibility toggling.

Expected Behavior

Components should work with strict CSP policies by either:

1. Using CSS classes instead of inline styles
2. Supporting nonce attribute for CSP compatibility
3. Using CSS custom properties that can be set via stylesheets