An Adobe Commerce developer has added an iframe and included a JavaScript library from an external domain to the website. After that, they found the following error in the console:

Refused to frame [URL] because it violates the Content Security Policy directive.

In order to fix this error, what would be the correct policy ids to add to the csp_whitelist.xml file?