Tell us what’s happening:
When I try to test my answer, it tells me that my middleware should be mounted correctly even thougth it is correct (I checked on the hints).
I am strictly following the documentation of helmet and the test seems to be broken.
Previous answers worked fine with Glitch.
Your code so far
var express = require('express');
var app = express();
const helmet = require('helmet');
/**
... Previous steps ...
*/
/** 6) Prevent IE from opening *untrusted* HTML - `helmet.ieNoOpen()` */
// Some web applications will serve untrusted HTML for download. By default,
// some versions of Internet Explorer will allow you to open those HTML files
// in the context of your site, which means that an untrusted HTML page could
// start doing bad things inside your pages.
// This middleware sets the `X-Download-Options` header to `noopen`,
// to prevent IE users from executing downloads in the *trusted* site's context.
// Use `helmet.ieNoOpen()`
app.use(helmet.ieNoOpen());
Your browser information:
User Agent is: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 OPR/68.0.3618.142
.
Challenge: Prevent IE from Opening Untrusted HTML with helmet.ieNoOpen()
Link to the challenge:
Thanks a lot !