Content security policies
Brightcove's current set of CSPs:
default-src 'self';
script-src 'self' players.brightcove.net vjs.zencdn.net;
connect-src 'self' players.brightcove.net edge.api.brightcove.com;
img-src 'self' players.brightcove.net *.boltdns.net *.akamaihd.net;
style-src 'self' players.brightcove.net;
frame-src 'self' players.brightcove.net;
media-src 'self' *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com;
prefetch-src 'self' *.boltdns.net;