Update helmet js and use newer middleware, update reference to freecodecamp in trusted group

app.js

@@ -21,6 +21,8 @@ var express = require('express'),
   methodOverride = require('method-override'),
   bodyParser = require('body-parser'),
   helmet = require('helmet'),
+  frameguard = require('frameguard'),
+  csp = require('helmet-csp'),
   MongoStore = require('connect-mongo')(session),
   flash = require('express-flash'),
   path = require('path'),
@@ -114,7 +116,7 @@ app.disable('x-powered-by');
 
 app.use(helmet.xssFilter());
 app.use(helmet.noSniff());
-app.use(helmet.xframe());
+app.use(helmet.frameguard());
 app.use(function(req, res, next) {
     res.header('Access-Control-Allow-Origin', '*');
     res.header('Access-Control-Allow-Headers',
@@ -127,6 +129,9 @@ var trusted = [
   "'self'",
   'blob:',
   '*.freecodecamp.com',
+  'http://www.freecodecamp.com',
+  'ws://freecodecamp.com/',
+  'ws://www.freecodecamp.com/',
   '*.gstatic.com',
   '*.google-analytics.com',
   '*.googleapis.com',
@@ -158,7 +163,7 @@ var trusted = [
   'http://hn.inspectlet.com/'
 ];
 
-app.use(helmet.contentSecurityPolicy({
+app.use(helmet.csp({
     defaultSrc: trusted,
     scriptSrc: [
         '*.optimizely.com',
@@ -166,7 +171,6 @@ app.use(helmet.contentSecurityPolicy({
         '*.d3js.org'
     ].concat(trusted),
     'connect-src': [
-        'ws://www.freecodecamp.com'
     ].concat(trusted),
     styleSrc: trusted,
     imgSrc: [
@@ -179,6 +183,7 @@ app.use(helmet.contentSecurityPolicy({
         '*.twitter.com'
     ].concat(trusted),
     frameSrc: [
+        
         '*.gitter.im',
         '*.gitter.im https:',
         '*.vimeo.com',

package.json

@@ -36,9 +36,11 @@
     "font-awesome": "~4.3.0",
     "forcedomain": "~0.4.0",
     "forever": "~0.14.1",
+    "frameguard": "^0.2.2",
     "github-api": "~0.7.0",
     "gulp-minify-css": "~0.5.1",
-    "helmet": "~0.5.3",
+    "helmet": "~0.9.0",
+    "helmet-csp": "^0.2.3",
     "jade": "~1.8.0",
     "less": "~1.7.5",
     "less-middleware": "~2.0.1",