it just doesn't work
Closed this issue ยท 5 comments
EitanK96 commented
this is my code
const express = require('express')
const helmet = require('helmet')
const morgan = require('morgan')
const compression = require('compression')
const bodyParser = require('body-parser')
const Agenda = require('agenda');
const Agendash = require('agendash2');
const agenda = new Agenda({db: {address: process.env.MONGO_URL, collection: process.env.AGENDA_COLLECTION}})
const port = process.env.PORT || 3000
const app = express()
app.use(morgan('dev'))
app.use(helmet())
app.use(compression())
app.use(bodyParser.urlencoded({ extended: false }))
app.use(bodyParser.json())
app.use('/dash', Agendash(agenda));
app.listen(port, () => console.info(`Service is listening on port ${port}!`))
I am getting the following errors in the console:
probably related to the package install
dbetter commented
@EitanWeMatch - What's causing this here is helmet
- which by the way used, applies default settings to CSP (Content Security Policy): https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP.
You can either:
- Configure helmet specific configurations with respect to CSP property:
- https://helmetjs.github.io/ - helmet.contentSecurityPolicy(options)
- Add another middleware before your route that removes this CSP header from the response:
app.use(
'/dash',
(req, res, next) => {
res.removeHeader('Content-Security-Policy');
next();
},
Agendash(agenda)
);
marwej commented
Any plans on a version that doesn't load resources from external sources?
emilniklas commented
koresar commented
You people are amazing! ๐