Use content security policy to prevent live leaks from playbacks

[jcushman]

Suggested by Andy Jackson to Ilya -- if we use a content security policy, we can stop playbacks from accidentally including content from the live web, which will avoid users thinking that a capture has worked that actually depends on outside resources continuing to work.

[matteocargnelutti]

We'll revisit this question in the context of client-side playback.

Of particular interest: what about potential web socket leaks?