Make default iframe sandbox only require :blob csp permission

[silesky]

No description provided.

[changeset-bot]

🦋 Changeset detected

Latest commit: 98ff882

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages

Name	Type
@segment/analytics-signals-runtime	Minor
@segment/analytics-signals	Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[codecov]

Codecov Report

Attention: Patch coverage is 5.00000% with 57 lines in your changes missing coverage. Please review.

Project coverage is 84.51%. Comparing base (3f15dfa) to head (98ff882).

Files with missing lines	Patch %	Lines
...ages/signals/signals/src/core/processor/sandbox.ts	5.08%	56 Missing ⚠️
...gnals/src/core/middleware/event-processor/index.ts	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1290      +/-   ##
==========================================
+ Coverage   82.87%   84.51%   +1.64%     
==========================================
  Files         225      221       -4     
  Lines        6019     5871     -148     
  Branches     1365     1342      -23     
==========================================
- Hits         4988     4962      -26     
+ Misses       1031      909     -122     

Flag	Coverage Δ
browser	92.21% <ø> (ø)
core	89.86% <ø> (ø)
node	87.93% <ø> (ø)

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.