another attempt at fixing

2014-12-22 15:54:43 -08:00
parent d8158041de
commit ae9c61fc64
1 changed files with 1 additions and 1 deletions
--- a/app.js
+++ b/app.js
@ -121,7 +121,7 @@ app.use(helmet.contentSecurityPolicy({
    defaultSrc: trusted,
    scriptSrc: ['*.optimizely.com'].concat(trusted),
    'connect-src': process.env.NODE_ENV === 'development' ? ['ws://localhost:3001/', 'http://localhost:3001/'] : [],
-    connectSources: ["ws://api.rafflecopter.com", "wss://api.rafflecopter.com", "ws://www.freecodecamp.com"],
+    connectSources: ["ws://api.rafflecopter.com", "wss://api.rafflecopter.com", "ws://www.freecodecamp.com"].concat(trusted),
    styleSrc: trusted,
    imgSrc: ['*.evernote.com', '*.amazonaws.com', "data:", '*.licdn.com'].concat(trusted),
    fontSrc: ["'self", '*.googleapis.com'].concat(trusted),