2018-10-10 18:03:03 -04:00
|
|
|
---
|
|
|
|
|
id: 587d8248367417b2b2512c3c
|
|
|
|
|
title: Ask Browsers to Access Your Site via HTTPS Only with helmet.hsts()
|
|
|
|
|
challengeType: 2
|
|
|
|
|
videoUrl: ''
|
|
|
|
|
localeTitle: ''
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
## Description
|
|
|
|
|
undefined
|
|
|
|
|
|
|
|
|
|
## Instructions
|
|
|
|
|
undefined
|
|
|
|
|
|
|
|
|
|
## Tests
|
|
|
|
|
<section id='tests'>
|
|
|
|
|
|
|
|
|
|
```yml
|
|
|
|
|
tests:
|
|
|
|
|
- text: ''
|
|
|
|
|
testString: 'getUserInput => $.get(getUserInput("url") + "/_api/app-info").then(data => { assert.include(data.appStack, "hsts"); assert.property(data.headers, "strict-transport-security"); }, xhr => { throw new Error(xhr.responseText); })'
|
|
|
|
|
- text: ''
|
2019-10-23 21:35:34 +05:30
|
|
|
testString: 'getUserInput => $.get(getUserInput("url") + "/_api/app-info").then(data => { assert.match(data.headers["strict-transport-security"], /^max-age=7776000;?/); }, xhr => { throw new Error(xhr.responseText); })'
|
2018-10-10 18:03:03 -04:00
|
|
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
</section>
|
|
|
|
|
|
|
|
|
|
## Challenge Seed
|
|
|
|
|
<section id='challengeSeed'>
|
|
|
|
|
|
|
|
|
|
</section>
|
|
|
|
|
|
|
|
|
|
## Solution
|
|
|
|
|
<section id='solution'>
|
|
|
|
|
|
|
|
|
|
```js
|
|
|
|
|
// solution required
|
|
|
|
|
```
|
|
|
|
|
</section>
|
