freeCodeCamp Challenge Guide: Set a Content Security Policy with helmet.contentSecurityPolicy()

camperbot · August 3, 2019, 1:20pm

Set a Content Security Policy with helmet.contentSecurityPolicy()

Hints

Hint 1

You want your app to use helmet’s contentSecurityPolicy() method.

Hint 2

Be sure to give the directives object in the configuration a defaultSrc and scriptSrc.

Solutions

Solution 1 (Click to Show/Hide)

In the myApp.js file, add app.use(helmet.contentSecurityPolicy({ directives: { defaultSrc: ["'self'"], scriptSrc: ["'self'", "trusted-cdn.com"] }} )) under the tenth instruction.

Note: Be sure to submit the link to the live demo of your project.

Topic		Replies	Views
Information Security with HelmetJS - Set a Content Security Policy with helmet.contentSecurityPolicy() JavaScript	4	2379	February 2, 2021
Information Security with HelmetJS - Set a Content Security Policy with helmet.contentSecurityPolicy() JavaScript	2	194	April 21, 2024
Information Security with HelmetJS - Set a Content Security Policy with helmet.contentSecurityPolicy() JavaScript	1	417	July 4, 2023
Information Security with HelmetJS - Set a Content Security Policy with helmet.contentSecurityPolicy() JavaScript	4	362	August 21, 2023
Information Security with HelmetJS - Set a Content Security Policy with helmet.contentSecurityPolicy() JavaScript	2	262	August 10, 2023