Did you configure Heroku to use myApp.js and not server.js? I would start looking into ways to verify that the test is using myApp.js and not server.js.
yes as you can see on the github repo I included in the problem description.
I’ve completed 10/14 of the challenges Information Security with HelmetJS, so it’s just this one that’s broken.
Also this code snippet proves my code is working as intended.
fetch("my-heroku-url-here").then(response => {
console.log(response.headers.get("X-Powered-By") === "Express") // prints false
console.log(response.headers.get("X-Powered-By")) // prints null
console.log(response.headers.get("Server")) // prints Cowboy
})
You are using var app = express(); in both myApp.js and server.js so I think you have two instances of express and only of them is using helmet.hidePoweredBy. Is that intentional?
I haven’t touched server.js as the instructions told me to stay away from it, it remains the same as on the original template-repo boilerplate-infosec/ so that shouldn’t be an issue.
I’m getting some weird behavior with this challenge on replit. After server is run, first submission try will fail, but next ones will pass. Is it the same for you?
Try this. On the submit page open the dev tools F12, go to the Network tab and check the “Disable cache” option at the top, do a hard refresh (Shift + Ctrl + R) now try the submit with the dev tools open.
You can also try using app.disable("x-powered-by") in myApp at the top after the helmetjs middleware as that seems to be the test that was failing for me sometimes.
For me, the test is failing constantly regardless whether I’m using Firefox or Chrome. I’ve tried ctrl + shift + R as well, I’ve also tried hosting it on both replit and heroku thinking it might be some hosting issue.
I’m doing great with the other challenges, but just this one in particular is problematic. I’ve tried the app.disable() option as well without success.
So I went ahead to give it a try.
First I submitted the link without disabling the cache, and the test failed.
I disabled the cache in dev tools and the test passed.
Would be great if free-code-camp could update the instructions Perhaps make the instructions open-source. I couldn’t find it on github, else I’d submit a PR.
Thank you
This is the source for the challenge, with the instructions and tests. If you want to contribute, please read our contributing guidelines first.
Just to be clear, what I posted isn’t instructions, it’s just a possible fix for whatever is going wrong. It shouldn’t be happening. I’m not sure what is going on. I have also seen it pass if you just keep submitting and then suddenly it just works.