gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Revert "whitelist freecodecamp specifically in script src for helmet"

Browse Source 
This reverts commit 3919919daf.
This commit is contained in:
terakilobyte
2015-05-06 12:49:59 -04:00
parent 3919919daf
commit 68420149b0
1 changed files with 1 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app.js
View File

@ -126,7 +126,6 @@ app.use(function(req, res, next) {
var trusted = [ var trusted = [
"'self'", "'self'",
'*.freecodecamp.com', '*.freecodecamp.com',
'http://www.freecodecamp.com/*',
'*.gstatic.com', '*.gstatic.com',
'*.google-analytics.com', '*.google-analytics.com',
'*.googleapis.com', '*.googleapis.com',
@ -168,8 +167,7 @@ app.use(helmet.contentSecurityPolicy({
scriptSrc: [ scriptSrc: [
'*.optimizely.com', '*.optimizely.com',
'*.aspnetcdn.com', '*.aspnetcdn.com',
'*.d3js.org', '*.d3js.org'
'*.freecodecamp.com'
].concat(trusted), ].concat(trusted),
'connect-src': [ 'connect-src': [
'ws://*.rafflecopter.com', 'ws://*.rafflecopter.com',