From 86d3bb2de8bbd2085939fc4af7b5356b9dc577e2 Mon Sep 17 00:00:00 2001
From: obsessedyouth <52631736+obsessedyouth@users.noreply.github.com>
Date: Mon, 6 Jul 2020 22:03:11 +0100
Subject: [PATCH] fix(client): update middleware names of helmet.js tests
---
...le-dns-prefetching-with-helmet.dnsprefetchcontrol.english.md | 2 +-
...e-the-risk-of-clickjacking-with-helmet.frameguard.english.md | 2 +-
...-from-opening-untrusted-html-with-helmet.ienoopen.english.md | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/disable-dns-prefetching-with-helmet.dnsprefetchcontrol.english.md b/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/disable-dns-prefetching-with-helmet.dnsprefetchcontrol.english.md
index 891a34da6a..313a780214 100644
--- a/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/disable-dns-prefetching-with-helmet.dnsprefetchcontrol.english.md
+++ b/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/disable-dns-prefetching-with-helmet.dnsprefetchcontrol.english.md
@@ -23,7 +23,7 @@ To improve performance, most browsers prefetch DNS records for the links in a pa
```yml
tests:
- text: helmet.dnsPrefetchControl() middleware should be mounted correctly
- testString: getUserInput => $.get(getUserInput('url') + '/_api/app-info').then(data => { assert.include(data.appStack, 'dnsPrefetchControl'); assert.equal(data.headers['x-dns-prefetch-control'], 'off'); }, xhr => { throw new Error(xhr.responseText); })
+ testString: getUserInput => $.get(getUserInput('url') + '/_api/app-info').then(data => { assert.include(data.appStack, 'xDnsPrefetchControlMiddleware'); assert.equal(data.headers['x-dns-prefetch-control'], 'off'); }, xhr => { throw new Error(xhr.responseText); })
```
diff --git a/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/mitigate-the-risk-of-clickjacking-with-helmet.frameguard.english.md b/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/mitigate-the-risk-of-clickjacking-with-helmet.frameguard.english.md
index 87cb9d8934..267cdd0cf9 100644
--- a/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/mitigate-the-risk-of-clickjacking-with-helmet.frameguard.english.md
+++ b/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/mitigate-the-risk-of-clickjacking-with-helmet.frameguard.english.md
@@ -24,7 +24,7 @@ Use helmet.frameguard() passing with the configuration object $.get(getUserInput('url') + '/_api/app-info').then(data => { assert.include(data.appStack, 'frameguard', 'helmet.frameguard() middleware is not mounted correctly'); }, xhr => { throw new Error(xhr.responseText); })
+ testString: getUserInput => $.get(getUserInput('url') + '/_api/app-info').then(data => { assert.include(data.appStack, 'xFrameOptionsMiddleware', 'helmet.frameguard() middleware is not mounted correctly'); }, xhr => { throw new Error(xhr.responseText); })
- text: helmet.frameguard() 'action' should be set to 'DENY'
testString: getUserInput => $.get(getUserInput('url') + '/_api/app-info').then(data => { assert.property(data.headers, 'x-frame-options'); assert.equal(data.headers['x-frame-options'], 'DENY');}, xhr => { throw new Error(xhr.responseText); })
diff --git a/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/prevent-ie-from-opening-untrusted-html-with-helmet.ienoopen.english.md b/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/prevent-ie-from-opening-untrusted-html-with-helmet.ienoopen.english.md
index 0ca67ff345..2b31428bbe 100644
--- a/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/prevent-ie-from-opening-untrusted-html-with-helmet.ienoopen.english.md
+++ b/curriculum/challenges/english/09-information-security/information-security-with-helmetjs/prevent-ie-from-opening-untrusted-html-with-helmet.ienoopen.english.md
@@ -23,7 +23,7 @@ Some web applications will serve untrusted HTML for download. Some versions of I
```yml
tests:
- text: helmet.ieNoOpen() middleware should be mounted correctly
- testString: getUserInput => $.get(getUserInput('url') + '/_api/app-info').then(data => { assert.include(data.appStack, 'ienoopen'); assert.equal(data.headers['x-download-options'], 'noopen'); }, xhr => { throw new Error(xhr.responseText); })
+ testString: getUserInput => $.get(getUserInput('url') + '/_api/app-info').then(data => { assert.include(data.appStack, 'xDownloadOptionsMiddleware'); assert.equal(data.headers['x-download-options'], 'noopen'); }, xhr => { throw new Error(xhr.responseText); })
```