Add Amazon wildcard to whitelisted CSP
S
Subjective Rooster
Add *.s3.amazonaws.com to the default CSP whitelist to allow loading assets from all S3 buckets.
C
Cautious Jellyfish
Or just make this CSP policy configurable.
It would be also nice to embed stuff from companys own systems like system1.company.com.