Why do I get the “default-src: ‘none'” Content Security Policy error on React PWA app after I’ve set up express-csp-header?

noob here.
Creating a PWA React app using create-react-app and running into the CSP issue regarding default set to none and no img setting to override it.
Have searched for and tried many, many helpful answers for this exact problem but have not hit upon the one that will work for my app.
Maybe I just need a second pair of eyes?