From 3919919dafd77cd43ec8dbf7e54a3f3d8d89ac75 Mon Sep 17 00:00:00 2001
From: terakilobyte
Date: Wed, 6 May 2015 09:24:27 -0400
Subject: [PATCH] whitelist freecodecamp specifically in script src for helmet
---
 app.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/app.js b/app.js
index d7048557e4..7bb86ed8e3 100755
--- a/app.js
+++ b/app.js
@@ -126,6 +126,7 @@ app.use(function(req, res, next) {
 var trusted = [
 "'self'",
 '*.freecodecamp.com',
+ 'http://www.freecodecamp.com/*',
 '*.gstatic.com',
 '*.google-analytics.com',
 '*.googleapis.com',
@@ -167,7 +168,8 @@ app.use(helmet.contentSecurityPolicy({
 scriptSrc: [
 '*.optimizely.com',
 '*.aspnetcdn.com',
- '*.d3js.org'
+ '*.d3js.org',
+ '*.freecodecamp.com'
 ].concat(trusted),
 'connect-src': [
 'ws://*.rafflecopter.com',
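Review bot: The added source `'http://www.freecodecamp.com/*'` in `trusted` does not behave as a wildcard. In a CSP source expression `*` is only special as the leftmost host label or as the port, and a path that does not end in `/` is matched exactly, so this entry permits only the literal path `/*`. The host `www.freecodecamp.com` is already covered by `'*.freecodecamp.com'` on the line above, and the new entry names the cleartext `http:` scheme explicitly. If the intent was to cover the apex domain, which `*.freecodecamp.com` does not match, the entry to add would be `'freecodecamp.com'`; otherwise the line can be dropped. The `trusted` array continues outside the hunk.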
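Review bot: The `'*.freecodecamp.com'` entry added to `scriptSrc` looks redundant, because the list is immediately extended with `.concat(trusted)` and the `trusted` array in the first hunk already contains `'*.freecodecamp.com'` (assuming both hunks refer to the same variable). A duplicate source is harmless to the browser but makes the policy harder to audit, so I would keep `'*.d3js.org'` as the last literal entry and leave the shared host in `trusted` only. If a script was being blocked, the browser's CSP violation message names the blocked URL and would show which source is actually missing. The `helmet.contentSecurityPolicy` call starts and ends outside the hunk.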