Test for “Information Security with HelmetJS - Set a Content Security Policy with helmet.contentSecurityPolicy()” fails, even though I think, I’m doing all thing as it should be done.
I have a suspition that this problem has something to do with Glitch as the page itself loads really slowly, and the first test usually times out, and if not (1 in 10 times), then the second test fails, even though I have the stuff set up (as far as I see) correctly (it also times out).
Does anybody have an idea what could cause this issue?
My code so far
app.use(helmet.contentSecurityPolicy({
directives:{
defaultSrc: ["‘self’"],
scriptSrc: ["‘self’", ‘trusted-cdn{dot}com’]
}
}));
obviously in the place of {dot} I’m having a “.” ,but FCC handles it as link and it doesn’t let me post it like that
I cant use links on my post but this is the 10th challenge of the Information Security With Helmet JS curriculum.
Title: Information Security with HelmetJS - Set a Content Security Policy with helmet.contentSecurityPolicy()