Mitigate the Risk of Clickjacking with helmet.frameguard()

// running tests helmet.frameguard() middleware should be mounted correctly // tests completed

helmet.frameguard() middleware should be mounted correctly - Failed

helmet.frameguard() ‘action’ should be set to ‘DENY’ - Passed

https://checkered-motley-wilderness.glitch.me

1 Like

Hello there,

If you are struggling with these challenges, it is likely related to:

The tempory solution is:

In order to pass the test Mitigate the Risk of Clickjacking with helmet.frameguard() i had to go back to version: 2.3.0
Then at the test Ask Browsers to Access Your Site via HTTPS Only with helmet.hsts() i had to use the lastest version atm 3.23.3
Then at the test Disable DNS Prefetching with helmet.dnsPrefetchControl() i had to go back to version 2.3.0

Hope this helps

1 Like

Hello,

For me “cors()” was missing.
require and use cors() in server.js

Hope this helps!

1 Like