2.1 KiB
2.1 KiB
id | title | challengeType | videoUrl | localeTitle |
---|---|---|---|---|
587d8248367417b2b2512c3c | Ask Browsers to Access Your Site via HTTPS Only with helmet.hsts() | 2 | 要求浏览器通过HTTPS访问您的站点仅限于使用helmet.hsts() |
Description
Instructions
Tests
tests:
- text: helmet.hsts()中间件应正确安装
testString: 'getUserInput => $.get(getUserInput("url") + "/_api/app-info").then(data => { assert.include(data.appStack, "hsts"); assert.property(data.headers, "strict-transport-security"); }, xhr => { throw new Error(xhr.responseText); })'
- text: maxAge应该等于7776000毫秒(90天)
testString: 'getUserInput => $.get(getUserInput("url") + "/_api/app-info").then(data => { assert.match(data.headers["strict-transport-security"], /^max-age=777600000;?/); }, xhr => { throw new Error(xhr.responseText); })'
Challenge Seed
Solution
// solution required