Make web3.js compatible with Content Security Policy and Trusted Types

[Zemnmez]

Description

Remove use of eval() / Function() which was making web3.js incompatible with Content Security Policy, Trusted Types and other XSS prevention measures (see notes in code).

Type of change

• Bug fix (non-breaking change which fixes an issue)

Checklist:

• I have selected the correct base branch. (I guess??)
• I have performed a self-review of my own code.
• I have commented my code, particularly in hard-to-understand areas.
• I have made corresponding changes to the documentation.
• My changes generate no new warnings.
• Any dependent changes have been merged and published in downstream modules.
• I ran npm run dtslint with success and extended the tests and types if necessary.
• I ran npm run test:unit with success.
• I ran npm run test:cov and my test cases cover all the lines and branches of the added code.
• I ran npm run build and tested dist/web3.min.js in a browser.
• [?] I have tested my code on the live network.
• [?] I have checked the Deploy Preview and it looks correct.
• [?] I have updated the CHANGELOG.md file in the root folder. -- please help me with these.

[Zemnmez]

Should for the most part be fixed via #4613