allanbowe
commented
2 years ago Per discussion, let's switch this to using a defined set of CSP directives and disable the "disable" option
Closed medjedovicm closed 2 years ago
allanbowe
commented
2 years ago Per discussion, let's switch this to using a defined set of CSP directives and disable the "disable" option
Implementation
HELMET_CSP_CONFIG_PATHthat will import the JSON config to HELMETcontentSecurityPolicydirectivesHELMET_COEPthat will be bassed to the HELMET config forcrossOriginEmbedderPolicy