www.youtube.com
www.youtube-nocookie.com
Test page with two embedded YouTube videos. One served from www.youtube.com and one from www.youtube-nocookie.com.
A Content Security Policy (CSP) header served with this test page should prevent the www.youtube-nocookie.com video
from loading, but the www.youtube.com video should be allowed. See https://crbug.com/1271196.
Content-Security-Policy "frame-src 'self' www.youtube.com" always;
www.youtube.com
www.youtube-nocookie.com