* replace repl.it with replit.com in the English version Replace repl.it to replit.com in the English version. Chinese and Spanish versions have the same issue. * Updated the repl.it to replit.com or Replit I changed the text from replit.com to Replit and added the changes to the files outside the curriculum folder. * Forgot removing one .com. There was on Replit.com that I missed when I reviewed the files. * Resolve conflicts I got an unable to auto merge so resolving conflicts and trying again. * try committing conflicts again * Trying the conflicts again * chore: fix typo in personal library Co-authored-by: Shaun Hamilton <51722130+ShaunSHamilton@users.noreply.github.com> Co-authored-by: gemmaf98 <44875585+gemmaf98@users.noreply.github.com> Co-authored-by: Mrugesh Mohapatra <1884376+raisedadead@users.noreply.github.com> Co-authored-by: Shaun Hamilton <51722130+ShaunSHamilton@users.noreply.github.com>
1.6 KiB
id, title, challengeType, forumTopicId, dashedName
id | title | challengeType | forumTopicId | dashedName |
---|---|---|---|---|
587d8248367417b2b2512c3d | Disable DNS Prefetching with helmet.dnsPrefetchControl() | 2 | 301577 | disable-dns-prefetching-with-helmet-dnsprefetchcontrol |
--description--
As a reminder, this project is being built upon the following starter project on Replit, or cloned from GitHub.
To improve performance, most browsers prefetch DNS records for the links in a page. In that way the destination ip is already known when the user clicks on a link. This may lead to over-use of the DNS service (if you own a big website, visited by millions people…), privacy issues (one eavesdropper could infer that you are on a certain page), or page statistics alteration (some links may appear visited even if they are not). If you have high security needs you can disable DNS prefetching, at the cost of a performance penalty.
--instructions--
Use the helmet.dnsPrefetchControl()
method on your server.
--hints--
helmet.dnsPrefetchControl() middleware should be mounted correctly
(getUserInput) =>
$.get(getUserInput('url') + '/_api/app-info').then(
(data) => {
assert.include(data.appStack, 'dnsPrefetchControl');
assert.equal(data.headers['x-dns-prefetch-control'], 'off');
},
(xhr) => {
throw new Error(xhr.responseText);
}
);
--solutions--
/**
Backend challenges don't need solutions,
because they would need to be tested against a full working project.
Please check our contributing guidelines to learn more.
*/