CSP: allow google translate for all pages

Users seem to frequently use google translate.  CSP violations have been seen for:

* `connect-src`:
  * translate.google.com
  * translate.googleapis.com
* `image-src`:
  * translate.google.com