Complete the code to import Helmet in an Express app.
const express = require('express'); const [1] = require('helmet'); const app = express();
You import Helmet by requiring 'helmet' and assigning it to a variable, usually named helmet.
Complete the code to use Helmet middleware in the Express app.
const app = express();
app.[1](helmet());To add middleware in Express, you use app.use(). Helmet is middleware, so you call app.use(helmet()).
Fix the error in the code to correctly set Helmet's contentSecurityPolicy option.
app.use(helmet({ contentSecurityPolicy: [1] }));To disable the contentSecurityPolicy in Helmet, you set contentSecurityPolicy: false. Using true or a string causes errors.
Fill both blanks to configure Helmet to disable frameguard and enable hsts with maxAge 1 year.
app.use(helmet({ frameguard: [1], hsts: { maxAge: [2] } }));Setting frameguard to false disables it. The hsts maxAge is in seconds; 1 year is 31536000 seconds.
Fill all three blanks to create a Helmet config that disables dnsPrefetchControl, enables referrerPolicy with 'no-referrer', and sets crossOriginEmbedderPolicy to true.
app.use(helmet({ dnsPrefetchControl: [1], referrerPolicy: { policy: '[2]' }, crossOriginEmbedderPolicy: [3] }));To disable dnsPrefetchControl, set it to false. The referrerPolicy string 'no-referrer' disables sending referrer info. crossOriginEmbedderPolicy is a boolean, so true enables it.