Merge pull request #582 from companieshouse/bug/IDVA5-1710-Start-Now-…

…Button-Issue

Fixing issue when clicking the Start Now button from the landing page when user is already logged in

src/middleware/content_security_policy_middleware_config.ts

@@ -1,10 +1,11 @@
 import { HelmetOptions } from "helmet";
-import { CDN_HOST, PIWIK_URL, PIWIK_CHS_DOMAIN } from "../utils/properties";
+import { CDN_HOST, PIWIK_URL, PIWIK_CHS_DOMAIN, CHS_URL } from "../utils/properties";
 
 export const prepareCSPConfig = (nonce: string) : HelmetOptions => {
     const SELF = `'self'`;
     const NONCE = `'nonce-${nonce}'`;
     const ONE_YEAR_SECONDS = 31536000;
+    const ALL_CHS_DOMAIN = `${CHS_URL}*`;
 
     return {
         contentSecurityPolicy: {
@@ -15,7 +16,7 @@ export const prepareCSPConfig = (nonce: string) : HelmetOptions => {
                 imgSrc: [CDN_HOST],
                 styleSrc: [NONCE, CDN_HOST],
                 connectSrc: [SELF, PIWIK_URL],
-                formAction: [SELF, PIWIK_CHS_DOMAIN],
+                formAction: [SELF, PIWIK_CHS_DOMAIN, ALL_CHS_DOMAIN],
                 scriptSrc: [NONCE, CDN_HOST, PIWIK_URL],
                 objectSrc: [`'none'`]
             }