using helmet in express application leads to an error

Asked Apr 02 '23 at 14:39

Active Apr 02 '23 at 14:39

Viewed 59 times

GET https://checkout.razorpay.com/v1/checkout.js net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep 200 (OK)

app.use(
    helmet({
        contentSecurityPolicy: {
            directives: {
                ...helmet.contentSecurityPolicy.getDefaultDirectives(),
                "script-src": ['self', 'unsafe-inline', 'data:',
                    'http://localhost:3000',
                    'https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js',
                    'https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js',
                    'https://checkout.razorpay.com/v1/checkout.js'],
            },
        },
        crossOriginEmbedderPolicy: false,
    })
)


app.use(cors())

asked Apr 02 '23 at 14:39

Sourabh Bharamkar

Does this answer your question? [Getting "NotSameOriginAfterDefaultedToSameOriginByCoep" error with Helmet](https://stackoverflow.com/questions/71904052/getting-notsameoriginafterdefaultedtosameoriginbycoep-error-with-helmet) – Evan Hahn Apr 03 '23 at 00:38

using helmet in express application leads to an error

0 Answers0