https://supertokens.com/ logo
Title
d

dhatGuy

11/24/2022, 10:06 AM
trying to access the dashboard
n

nkshah2

11/24/2022, 10:08 AM
Hi @dhatGuy Youll need to allow
https://cdn.jsdelivr.net/gh/supertokens/*
in your content security policy headers
d

dhatGuy

11/24/2022, 10:08 AM
how do I go about that?
n

nkshah2

11/24/2022, 10:08 AM
What stack are you using?
d

dhatGuy

11/24/2022, 10:09 AM
express
n

nkshah2

11/24/2022, 10:10 AM
Are you using any middleware to support content security policy?
d

dhatGuy

11/24/2022, 10:12 AM
nope
n

nkshah2

11/24/2022, 10:13 AM
Are you manually adding a
Content-Security-Policy
header to your responses
d

dhatGuy

11/24/2022, 10:13 AM
oh yes, helmet
n

nkshah2

11/24/2022, 10:13 AM
Ah one sec
You can do something like this
app.use(
  helmet.contentSecurityPolicy({
    directives: {
      "default-src": ["https://cdn.jsdelivr.net/gh/supertokens/"]
    },
  })
);
d

dhatGuy

11/24/2022, 10:23 AM
okay, this didn't work
but this did with some errors too
app.use(
    helmet.contentSecurityPolicy({
      directives: {
        "script-src": ["https://cdn.jsdelivr.net/gh/supertokens/"],
      },
    })
  );