1.6 KiB
1.6 KiB
id | title | challengeType | forumTopicId |
---|---|---|---|
587d8247367417b2b2512c37 | Hide Potentially Dangerous Information Using helmet.hidePoweredBy() | 2 | 301580 |
Description
helmet.hidePoweredBy()
middleware will remove the X-Powered-By header. You can also explicitly set the header to something else, to throw people off. e.g. app.use(helmet.hidePoweredBy({ setTo: 'PHP 4.2.0' }))
Instructions
Tests
tests:
- text: helmet.hidePoweredBy() middleware should be mounted correctly
testString: getUserInput => $.get(getUserInput('url') + '/_api/app-info').then(data => { assert.include(data.appStack, 'hidePoweredBy'); assert.notEqual(data.headers['x-powered-by'], 'Express')}, xhr => { throw new Error(xhr.responseText); })
Challenge Seed
Solution
/**
Backend challenges don't need solutions,
because they would need to be tested against a full working project.
Please check our contributing guidelines to learn more.
*/