If your webstore is using CSP then you should add the sources listed below to your Content Security Policies. Otherwise browsers will block all requests to Videoly and Youtube.
- default-src: *.videoly.co www.youtube-nocookie.com www.youtube.com *.ytimg.com
- img-src: data:
- media-src: data:
Source data is needed because Videoly's widget and Youtube's player have inline images embedded to avoid extra network requests.