Unable serve bull monitor with http.createServer

[weilinzung]

Hello, I am trying to add a bull monitor to my existing Express app, but when I try to hit http://localhost:3000/monitor it gives me the unable to find route error. Here is my setup, please guide me on what the issue may be.

express.ts

const app = express();

app.use([
helmet(), => this middleware gave the issue...
cors()
]
);

monitor.init().then(() => {
  app.use('/monitor', monitor.router);
});

app.use('/', mainRoutes);

export default app;

---

main.ts

import http from 'http';
import app from './express';

const server = http.createServer(app);
server.listen(3000);

[weilinzung]

I just figured out it is because of the helmet middleware

Refused to load the script 'https://cdn.jsdelivr.net/npm/@bull-monitor/[email protected]/build/main.js' because it violates the following Content Security Policy directive: "script-src 'self'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

[weilinzung]

Is possible to allow those resource files loaded from the package? so we can compile them as part of our app?

[s-r-x]

Is possible to allow those resource files loaded from the package? so we can compile them as part of our app?

nope.

i'll try to look into it. you can add { contentSecurityPolicy: false } into your helmet config as a bandaid

[weilinzung]

Is possible to allow those resource files loaded from the package? so we can compile them as part of our app?

nope.

i'll try to look into it. you can add { contentSecurityPolicy: false } into your helmet config as a bandaid

I actually did the way below and is working locally, but the entire app(all routes) gets 504 errors once it is deployed to Google Cloud Run.

  helmet({
    contentSecurityPolicy: {
      useDefaults: true,
      directives: {
        'script-src': ["'self'", 'cdn.jsdelivr.net']
      }
    }
  }),