chore(release): 0.0.74

fix: csp updates

CHANGELOG.md

@@ -2,6 +2,13 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [0.0.74](https://github.com/sasjs/server/compare/v0.0.73...v0.0.74) (2022-05-12)
+
+
+### Bug Fixes
+
+* csp updates ([7cfa239](https://github.com/sasjs/server/commit/7cfa2398e12c5e515d27c896f36ff91604c2124d))
+
 ### [0.0.73](https://github.com/sasjs/server/compare/v0.0.72...v0.0.73) (2022-05-10)
 
 

README.md

@@ -119,7 +119,7 @@ HELMET_COEP=
 #
 # Example config:
 # {
-#   "img-src": ["'self'", "domain.com"],
+#   "img-src": ["'self'", "data:"],
 #   "script-src": ["'self'", "'unsafe-inline'"],
 #   "script-src-attr": ["'self'", "'unsafe-inline'"]
 # }

api/csp.config.example.json

@@ -1,5 +1,5 @@
 {
-  "img-src": ["'self'", "domen.com"],
+  "img-src": ["'self'", "data:"],
   "script-src": ["'self'", "'unsafe-inline'"],
   "script-src-attr": ["'self'", "'unsafe-inline'"]
 }

api/src/utils/parseHelmetConfig.ts

@@ -5,7 +5,9 @@ export const getEnvCSPDirectives = (
   HELMET_CSP_CONFIG_PATH: string | undefined
 ) => {
   let cspConfigJson = {
-    'script-src': ["'self'", "'unsafe-inline'"]
+    'img-src': ["'self'", 'data:'],
+    'script-src': ["'self'", "'unsafe-inline'"],
+    'script-src-attr': ["'self'", "'unsafe-inline'"]
   }
 
   if (

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "server",
-  "version": "0.0.73",
+  "version": "0.0.74",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "server",
-      "version": "0.0.73",
+      "version": "0.0.74",
       "devDependencies": {
         "prettier": "^2.3.1",
         "standard-version": "^9.3.2"

package.json

@@ -1,6 +1,6 @@
 {
   "name": "server",
-  "version": "0.0.73",
+  "version": "0.0.74",
   "description": "NodeJS wrapper for calling the SAS binary executable",
   "repository": "https://github.com/sasjs/server",
   "scripts": {