update helmet csp for facebook images
Michael Q Larson
parent
35847faaac
commit
1660097544
7
app.js
7
app.js
|
|
@ -115,8 +115,6 @@ var trusted = [
|
||||||
"*.doubleclick.net",
|
"*.doubleclick.net",
|
||||||
"*.twitter.com",
|
"*.twitter.com",
|
||||||
'*.twimg.com',
|
'*.twimg.com',
|
||||||
"*.githubusercontent.com",
|
|
||||||
"*.googleusercontent.com",
|
|
||||||
"'unsafe-eval'",
|
"'unsafe-eval'",
|
||||||
"'unsafe-inline'",
|
"'unsafe-inline'",
|
||||||
"*.rafflecopter.com",
|
"*.rafflecopter.com",
|
||||||
|
|
@ -139,11 +137,14 @@ app.use(helmet.contentSecurityPolicy({
|
||||||
styleSrc: trusted,
|
styleSrc: trusted,
|
||||||
imgSrc: [
|
imgSrc: [
|
||||||
'*.evernote.com',
|
'*.evernote.com',
|
||||||
|
'*.facebook.com',
|
||||||
'*.amazonaws.com',
|
'*.amazonaws.com',
|
||||||
'data:',
|
'data:',
|
||||||
'*.licdn.com',
|
'*.licdn.com',
|
||||||
'*.gravatar.com',
|
'*.gravatar.com',
|
||||||
'*.youtube.com'
|
'*.youtube.com',
|
||||||
|
'*.githubusercontent.com',
|
||||||
|
'*.googleusercontent.com',
|
||||||
].concat(trusted),
|
].concat(trusted),
|
||||||
fontSrc: ['*.googleapis.com'].concat(trusted),
|
fontSrc: ['*.googleapis.com'].concat(trusted),
|
||||||
mediaSrc: [
|
mediaSrc: [
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue