dhatguy
11/24/2022, 10:06 AMnkshah2
11/24/2022, 10:08 AM
`https://cdn.jsdelivr.net/gh/supertokens/*` in your content security policy headers
dhatguy
11/24/2022, 10:08 AMnkshah2
11/24/2022, 10:08 AMdhatguy
11/24/2022, 10:09 AMnkshah2
11/24/2022, 10:10 AMdhatguy
11/24/2022, 10:12 AMnkshah2
11/24/2022, 10:13 AM
`Content-Security-Policy` header to your responses
dhatguy
11/24/2022, 10:13 AMnkshah2
11/24/2022, 10:13 AMnkshah2
11/24/2022, 10:16 AMapp.use(
// Builds helmet's Content-Security-Policy middleware with a single directive.
// NOTE(review): `default-src` is only the fallback for fetch directives that
// are not set themselves, and this list has no 'self', so wherever the
// fallback applies, same-origin loads are refused along with everything else.
// NOTE(review): helmet releases that merge in their default directives keep an
// explicit `script-src 'self'`, which would still block the CDN scripts;
// confirm against the helmet version in use.
helmet.contentSecurityPolicy({
directives: {
// The trailing "/" makes this a path-prefix match: anything under
// /gh/supertokens/ on cdn.jsdelivr.net is allowed. CSP drops the path part of
// the match after a redirect, so the host is the only hard boundary.
"default-src": ["https://cdn.jsdelivr.net/gh/supertokens/"]
},
})
);
dhatguy
11/24/2022, 10:23 AMdhatguy
11/24/2022, 10:24 AMdhatguy
11/24/2022, 10:24 AMapp.use(
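// Builds helmet's Content-Security-Policy middleware with an explicit
// script allow-list: the application's own origin plus the SuperTokens
// assets served from jsDelivr.
helmet.contentSecurityPolicy({
  directives: {
    // A directive given here replaces helmet's value for that directive rather
    // than extending it, so 'self' has to be listed again or the app's own
    // script files are blocked together with everything else.
    // Inline <script> blocks stay blocked under this list; a nonce or hash is
    // the narrow way to allow a specific one.
    "script-src": ["'self'", "https://cdn.jsdelivr.net/gh/supertokens/"],
  },
})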
);
dhatguy
11/24/2022, 10:24 AMnkshah2
11/24/2022, 10:40 AMdhatguy
11/24/2022, 10:53 AMnkshah2
11/24/2022, 10:53 AMapp.use(
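// Builds helmet's Content-Security-Policy middleware, allowing the SuperTokens
// CDN path and inline content through the `default-src` fallback.
// NOTE(review): the list has no 'self', so same-origin loads are refused
// wherever this fallback is the directive in effect.
helmet.contentSecurityPolicy({
  directives: {
    "default-src": [
      "https://cdn.jsdelivr.net/gh/supertokens/",
      // CSP keywords keep their own single quotes inside the JS string; a bare
      // unsafe-inline would be read as a host name and ignored by browsers.
      // 'unsafe-inline' lets any inline script or style run, including markup
      // an attacker manages to inject, so it removes most of the XSS
      // protection CSP provides. Prefer a nonce or hash, and scope the keyword
      // to the one directive that needs it rather than to default-src.
      "'unsafe-inline'",
    ],
  },
})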
);
nkshah2
11/24/2022, 10:53 AMdhatguy
11/24/2022, 10:56 AMapp.use(
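// Configures helmet as a whole: COEP off, and a Content-Security-Policy made
// of helmet's default directives with script-src and img-src overridden.
helmet({
  // Stops helmet from sending Cross-Origin-Embedder-Policy.
  // NOTE(review): presumably disabled so cross-origin assets load without
  // CORP/CORS opt-in; confirm it is still needed once the CSP is correct.
  crossOriginEmbedderPolicy: false,
  contentSecurityPolicy: {
    directives: {
      // The defaults belong inside `directives`. Spread one level up, next to
      // `directives`, they are not read as directives at all.
      ...helmet.contentSecurityPolicy.getDefaultDirectives(),
      // Kebab-case keys on purpose: they overwrite the matching entries from
      // the spread above. A camelCase `scriptSrc` would sit beside the default
      // "script-src" as a second spelling of the same directive.
      "script-src": [
        "'self'",
        // Allows every inline script, injected ones included; this gives up
        // most of CSP's XSS mitigation. Replace with a nonce or hash when the
        // inline code that needs it is known.
        "'unsafe-inline'",
        // Path-prefix match on the SuperTokens repos only; the bare host would
        // admit any GitHub repository mirrored by jsDelivr.
        "https://cdn.jsdelivr.net/gh/supertokens/",
      ],
      // NOTE(review): these wildcards admit images from any .net or .com host
      // over https. List the specific image hosts the pages actually use.
      "img-src": ["'self'", "https://*.net", "https://*.com"],
    },
  },
})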
);
nkshah2
11/24/2022, 10:57 AMnkshah2
11/24/2022, 10:57 AMnkshah2
11/24/2022, 10:57 AM