Add *.s3.amazonaws.com to the default CSP whitelist to allow loading assets from all S3 buckets.