I have an html5 video autoplay on one webpage. The video is completely blocked when the csp is enabled. This is the csp in the htaccess

Header set Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; media-src 'self'; object-src 'self'; prefetch-src 'self'; child-src 'none'; frame-src 'none'; worker-src 'none'; frame-ancestors 'none'; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; base-uri 'self'; manifest-src 'self'; referrer no-referrer; report-to removed for content security

Only way to make any progress is by commenting out the csp. The autoplay also doesn't work even when the csp is commented out. The code for that is

<video autoplay id='player-main' class='player'><source src='video/intro.mp4' type='video/mp4'><source src='video/intro.ogg' type='video/ogg'><source src='video/intro.mebm' type='video/webm'></video>