Not passing the test with this… any idea?
app.use(helmet.contentSecurityPolicy({directives:{defaultSrc:["'self'"], scriptSrc: ["'self'", "'trusted-cdn.com'"]}}));
Oops, that was a dumb mistake.
trusted-cdn didn’t need to be wrapped around single quotes inside doublequotes.
1 Like
I also got the same problem,but corrected it.Thanks to you.
This helped. How did you know to put {directives:} around {defaultSrc:, scriptSrc:} ?