Closed medjedovicm closed 2 years ago
HELMET_CSP_CONFIG_PATH
contentSecurityPolicy
HELMET_COEP
crossOriginEmbedderPolicy
Per discussion, let's switch this to using a defined set of CSP directives and disable the "disable" option
Implementation
HELMET_CSP_CONFIG_PATH
that will import the JSON config to HELMETcontentSecurityPolicy
directivesHELMET_COEP
that will be bassed to the HELMET config forcrossOriginEmbedderPolicy