CSP error in a node.js application
问题 I've a node.js application with a home page in angularjs. This page contains a 'search' box and has corresponding search.js script which runs and makes a server side query call. For security I added 'csp' in my node.js application with following csp configuration. const csp = require('helmet-csp'); app.use(helmet()); app.use(csp({ directives: { defaultSrc: ["'self'", 'https://my.domain.com'], scriptSrc: ["'self'", "'unsafe-inline'"], styleSrc: ["'self'"], imgSrc: ["'self'"], connectSrc: ["