From 57d5b55d756a436775b821f3dbfc40a187c56516 Mon Sep 17 00:00:00 2001
From: Glyn L <glyn_92@hotmail.com>
Date: Wed, 5 Sep 2018 10:57:16 +1000
Subject: [PATCH] fix(challenges): adding code tags to description

frames and other code in description were not surrounded by <code> tags and rendering poorly on
page.

ISSUES CLOSED: #17911-freecodecamp
---
 .../helmetjs.json                                             | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/challenges/06-information-security-and-quality-assurance/helmetjs.json b/challenges/06-information-security-and-quality-assurance/helmetjs.json
index 1b8c8759df..eac9213c44 100644
--- a/challenges/06-information-security-and-quality-assurance/helmetjs.json
+++ b/challenges/06-information-security-and-quality-assurance/helmetjs.json
@@ -51,8 +51,8 @@
       "title": "Mitigate the Risk of Clickjacking with helmet.frameguard()",
       "description": [
         "As a reminder, this project is being built upon the following starter project on <a href='https://glitch.com/#!/import/github/freeCodeCamp/boilerplate-infosec/'>Glitch</a>, or cloned from <a href='https://github.com/freeCodeCamp/boilerplate-infosec/'>GitHub</a>.",
-        "Your page could be put in a &lt;frame&gt; or &lt;iframe&gt; without your consent. This can result in clickjacking attacks, among other things. Clickjacking is a technique of tricking a user into interacting with a page different from what the user thinks it is. This can be obtained executing your page in a malicious context, by mean of iframing. In that context a hacker can put a hidden layer over your page. Hidden buttons can be used to run bad scripts. This middleware sets the X-Frame-Options header. It restricts who can put your site in a frame. It has three modes: DENY, SAMEORIGIN, and ALLOW-FROM.",
-        "We don’t need our app to be framed. You should use helmet.frameguard() passing with the configuration object {action: 'deny'}."
+        "Your page could be put in a <code>&lt;frame&gt;</code> or <code>&lt;iframe&gt;</code> without your consent. This can result in clickjacking attacks, among other things. Clickjacking is a technique of tricking a user into interacting with a page different from what the user thinks it is. This can be obtained executing your page in a malicious context, by mean of iframing. In that context a hacker can put a hidden layer over your page. Hidden buttons can be used to run bad scripts. This middleware sets the X-Frame-Options header. It restricts who can put your site in a frame. It has three modes: DENY, SAMEORIGIN, and ALLOW-FROM.",
+        "We don’t need our app to be framed. You should use <code>helmet.frameguard()</code> passing with the configuration object <code>{action: 'deny'}</code>."
       ],
       "tests": [
         {