678 B
678 B
title |
---|
Ask Browsers to Access Your Site via HTTPS Only with helmet.hsts() |
Ask Browsers to Access Your Site via HTTPS Only with helmet.hsts()
Hint
- You want your
app
touse
helmet'shsts()
method. - Don't forget to give the methed the appropriate
maxAge
andforce
configurations.
Solution
- In the
myApp.js
file, create a variable to use for themaxAge
configuration by addingvar ninetyDaysInMilliseconds = 90*24*60*60*1000;
under the seventh instructions. - Then, on the next line add
app.use(helmet.hsts({ maxAge: ninetyDaysInMilliseconds, force: true }));
.
Note: Be sure to submit the link to the live demo of your project.