White-list domains for HTTP/HTTPS streaming

[HadrienGardeur]

For deployments targeting HTTP/HTTPS streaming, it's unlikely that they will target the ability to stream from any domain.

To fully support this use case, we need to add a new flag that can receive a list of whitelisted domains.

[chocolatkey]

We should consider the same for S3 & GCS as well