Trying to add CSP via helmet to my app; I currently use a third party ad company to manage ads on the site & wondering if there's a way to allow all the ad urls from them without having to include every single possible base url in the exceptions. Thanks!

You can use wildcards, like *.ads.example.com. Does that help?

This isn't really an issue with Helmet as far as I can tell, so I'm going to close this issue. Happy to continue to help, though!