2.5 KiB
2.5 KiB
id | title | challengeType | videoUrl | localeTitle |
---|---|---|---|---|
587d8248367417b2b2512c3c | Ask Browsers to Access Your Site via HTTPS Only with helmet.hsts() | 2 | Pida a los navegadores que accedan a su sitio a través de HTTPS solo con helmet.hsts () |
Description
Instructions
Tests
tests:
- text: casco.hsts () middleware debe ser montado correctamente
testString: 'getUserInput => $.get(getUserInput("url") + "/_api/app-info").then(data => { assert.include(data.appStack, "hsts"); assert.property(data.headers, "strict-transport-security"); }, xhr => { throw new Error(xhr.responseText); })'
- text: maxAge debe ser igual a 7776000 ms (90 días)
testString: 'getUserInput => $.get(getUserInput("url") + "/_api/app-info").then(data => { assert.match(data.headers["strict-transport-security"], /^max-age=777600000;?/); }, xhr => { throw new Error(xhr.responseText); })'
Challenge Seed
Solution
// solution required