Information Security with HelmetJS - Set a Content Security Policy with helmet.contentSecurityPolicy()

Information Security with HelmetJS - Set a Content Security Policy with helmet.contentSecurityPolicy()
0

#1

Not passing the test with this… any idea?

app.use(helmet.contentSecurityPolicy({directives:{defaultSrc:["'self'"], scriptSrc: ["'self'", "'trusted-cdn.com'"]}}));

https://learn.freecodecamp.org/information-security-and-quality-assurance/information-security-with-helmetjs/set-a-content-security-policy-with-helmet-contentsecuritypolicy


#2

Oops, that was a dumb mistake.

trusted-cdn didn’t need to be wrapped around single quotes inside doublequotes.