Test Not Working (Challenge Completion)

Tell us what’s happening:

When I try to test my answer, it tells me that my middleware should be mounted correctly even thougth it is correct (I checked on the hints).
I am strictly following the documentation of helmet and the test seems to be broken.
Previous answers worked fine with Glitch.

Your code so far

var express = require('express');
var app = express();             

const helmet = require('helmet');

        ... Previous steps ...

/** 6) Prevent IE from opening *untrusted* HTML - `helmet.ieNoOpen()` */

// Some web applications will serve untrusted HTML for download. By default,
// some versions of Internet Explorer will allow you to open those HTML files
// in the context of your site, which means that an untrusted HTML page could
// start doing bad things inside your pages.
// This middleware sets the `X-Download-Options` header to `noopen`,
// to prevent IE users from executing downloads in the *trusted* site's context.

// Use `helmet.ieNoOpen()`


Your browser information:

User Agent is: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36 OPR/68.0.3618.142.

Challenge: Prevent IE from Opening Untrusted HTML with helmet.ieNoOpen()

Link to the challenge:

Thanks a lot !

I have same problem and can’t find help anywhere, I am 100% sure my code is correct. :frowning:

@places_m, @aelmosalamy, please note: Glitch has been unstable, for the past few weeks, and is likely the cause of the issues.

You can follow the status of Glitch here: https://status.glitch.com/

Hope this helps

I tried this fix : Infosec ieNoOpen failed on test run
But it didn’t work… It is somehow the exact same situation but the fix doesn’t do much for me.
Tell me if that helped you @aelmosalamy

Fixed using “helmet”: “3.21.0” in the package.json


dependencies {
        // ...
        "ienoopen": "1.1.0"


const ieNoOpen = require('ienoopen')

Didn’t tried this since it worked when I used “helmet”: “3.21.0” instead of the latest version but this may be another workaround.