I am trying to complete helmetjs section in Information security course.
In Mitigate the Risk of Clickjacking with helmet.frameguard(), I fail the test --helmet.frameguard() middleware should be mounted correctly (Test timed out)
Second, you can remove the frameguard dependency in your package.json and then pin helmet to version 3.21.3 with helmet: "3.21.3". The tests on these projects expect very specific output from very specific versions of the dependencies. Other versions of helmet may work, but I don’t think any version 4 or up will. That should get you passing.
If you are curious, you can find the error yourself by adding
right before the res.json() in the /app-info route in server.js (ignoring the don’t edit this file warning) and it will print the information the test is asserting against. Newer versions of helmet do not have frameguard in the appStack part while older ones do.