Content-Security-Policy using wildcards

The Content-Security-Policy allows wildcards to be used in the policy. For example, to allow any website on any port hosted in the "eur.ad.sag" domain, you can specify:

<init-param> <param-name>policy</param-name> <param-value>frame-ancestors http://*.eur.ad.sag:* 'self' </param-value> </init-param>