I need to specify a "Content Security Policy" header for a website using AblePlayer, but I can't find a definition for AblePlayer requirements.
It seems like script-src needs both 'unsafe-inline' and 'unsafe-eval'.
Is AblePlayer moving towards a more safe use of JavaScripts by removing inline scripts and styles?