whitelist
Only used if policy type is set to WHITELIST.
Defines a list of directives with sources according to the Content-Security-Policy standard. Please see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy# for more information