freeCodeCamp/curriculum/challenges/italian/09-information-security/information-security-with-h.../hide-potentially-dangerous-...

---
id: 587d8247367417b2b2512c37
title: Nascondere informazioni potenzialmente pericolose usando helmet.hidePoweredBy()
challengeType: 2
forumTopicId: 301580
dashedName: hide-potentially-dangerous-information-using-helmet-hidepoweredby
---

# --description--

Come promemoria, questo progetto verrà costruito a partire dalla seguente bozza su <a href="https://replit.com/github/freeCodeCamp/boilerplate-infosec" target="_blank" rel="noopener noreferrer nofollow">Replit</a>, o clonato da <a href="https://github.com/freeCodeCamp/boilerplate-infosec/" target="_blank" rel="noopener noreferrer nofollow">GitHub</a>.

Gli hacker possono sfruttare le vulnerabilità conosciute in Express/Node se vedono che il tuo sito è alimentato da Express. `X-Powered-By: Express` viene inviato in ogni richiesta proveniente da Express per impostazione predefinita. Usa il middleware `helmet.hidePoweredBy()` per rimuovere l'intestazione X-Powered-By.

# --hints--

Il middleware helmet.hidePoweredBy() deve essere montato correttamente

```js
(getUserInput) =>
  $.get(getUserInput('url') + '/_api/app-info').then(
    (data) => {
      assert.include(data.appStack, 'hidePoweredBy');
      assert.notEqual(data.headers['x-powered-by'], 'Express');
    },
    (xhr) => {
      throw new Error(xhr.responseText);
    }
  );
```

# --solutions--

```js
/**
  Backend challenges don't need solutions, 
  because they would need to be tested against a full working project. 
  Please check our contributing guidelines to learn more.
*/
```
feat: enable new langs (#42491) Enable italian and portuguese 2021-06-15 07:49:18 +00:00			`---`
			`id: 587d8247367417b2b2512c37`
chore(i18n,curriculum): update translations (#42930) 2021-07-19 16:52:21 +00:00			`title: Nascondere informazioni potenzialmente pericolose usando helmet.hidePoweredBy()`
feat: enable new langs (#42491) Enable italian and portuguese 2021-06-15 07:49:18 +00:00			`challengeType: 2`
			`forumTopicId: 301580`
			`dashedName: hide-potentially-dangerous-information-using-helmet-hidepoweredby`
			`---`

			`# --description--`

chore(i18n,learn): processed translations (#46711) 2022-06-29 14:36:55 +00:00			`Come promemoria, questo progetto verrà costruito a partire dalla seguente bozza su <a href="https://replit.com/github/freeCodeCamp/boilerplate-infosec" target="_blank" rel="noopener noreferrer nofollow">Replit</a>, o clonato da <a href="https://github.com/freeCodeCamp/boilerplate-infosec/" target="_blank" rel="noopener noreferrer nofollow">GitHub</a>.`
feat: enable new langs (#42491) Enable italian and portuguese 2021-06-15 07:49:18 +00:00
chore(i18n,curriculum): update translations (#42930) 2021-07-19 16:52:21 +00:00			Gli hacker possono sfruttare le vulnerabilità conosciute in Express/Node se vedono che il tuo sito è alimentato da Express. `X-Powered-By: Express` viene inviato in ogni richiesta proveniente da Express per impostazione predefinita. Usa il middleware `helmet.hidePoweredBy()` per rimuovere l'intestazione X-Powered-By.
feat: enable new langs (#42491) Enable italian and portuguese 2021-06-15 07:49:18 +00:00
			`# --hints--`

chore(i18n,curriculum): update translations (#42930) 2021-07-19 16:52:21 +00:00			`Il middleware helmet.hidePoweredBy() deve essere montato correttamente`
feat: enable new langs (#42491) Enable italian and portuguese 2021-06-15 07:49:18 +00:00
			```js
			`(getUserInput) =>`
			`$.get(getUserInput('url') + '/_api/app-info').then(`
			`(data) => {`
			`assert.include(data.appStack, 'hidePoweredBy');`
			`assert.notEqual(data.headers['x-powered-by'], 'Express');`
			`},`
			`(xhr) => {`
			`throw new Error(xhr.responseText);`
			`}`
			`);`
			```

			`# --solutions--`

			```js
			`/**`
			`Backend challenges don't need solutions,`
			`because they would need to be tested against a full working project.`
			`Please check our contributing guidelines to learn more.`
			`*/`
			```