feat: Added youtube to content security

source/netlify.toml

@@ -1,7 +1,7 @@
 [[headers]]
   for = "/*"
   [headers.values]
-    Content-Security-Policy = "default-src 'self' 'unsafe-inline' *.ucsc.edu; img-src 'self' *.ucsc.edu *.google-analytics.com *.siteimproveanalytics.io data: *.cloudfront.net; script-src 'self' 'unsafe-inline' *.googletagmanager.com *.google-analytics.com siteimproveanalytics.com *.fontawesome.com *.cloudfront.net unpkg.com *.cloudflare.com; style-src 'self' 'unsafe-inline' data: *.ucsc.edu *.googleapis.com *.fontawesome.com *.cloudfront.net; font-src 'self' *.cloudfront.net fonts.gstatic.com *.fontawesome.com; object-src 'none';"
+    Content-Security-Policy = "default-src 'self' 'unsafe-inline' *.ucsc.edu; img-src 'self' *.ucsc.edu *.google-analytics.com *.siteimproveanalytics.io data: *.cloudfront.net; script-src 'self' 'unsafe-inline' *.googletagmanager.com *.google-analytics.com siteimproveanalytics.com *.fontawesome.com *.cloudfront.net unpkg.com *.cloudflare.com; style-src 'self' 'unsafe-inline' data: *.ucsc.edu *.googleapis.com *.fontawesome.com *.cloudfront.net; font-src 'self' *.cloudfront.net fonts.gstatic.com *.fontawesome.com; object-src 'none'; *.youtube.com;"
     X-Content-Type-Options = "nosniff"
     X-XSS-Protection = "1; mode=block"
     X-Frame-Options = "DENY"