To read more articles like this, visit my blog
Today, we will see how we can improve the security of a NodeJS application. There are lots of aspec...
I want to say congrats on helping spread awareness of application security in Node.js, but honestly many of the takes here are not well communicated and will only result in frustration or worse, a security vulnerability.
One example is the "That's it! You don't need to do anything else!" statement after the first suggestion to use helmet. Helmet is a useful package but it's not going to prevent XSS or Clickjacking by itself.
Similarly, you continue to write about preventing denial of service, but the toobusy package isn't by design adding any preventative measures and doesn't protect your Node.js server from suffering a denial of service attack.
With cors, where is the place to put the corsOptions in?
app.use(cors(corsOptions))
Refer here: npmjs.com/package/cors#configuring...
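Where the options object from the answer above is defined and mounted, as an added example that is not from the original post or the cors project. The origins are placeholders, `originDecision` and `mountCors` are hypothetical helper names, and an Express `app` plus the `cors` package are assumed to be passed in.

```javascript
// Constructed allowlist: replace with the front-end origins you actually serve.
const ALLOWED_ORIGINS = new Set([
  'https://app.example.com',
  'https://admin.example.com',
]);

// Options object in the shape the cors package documents.
const corsOptions = {
  // cors calls this with the request's Origin header (undefined when absent).
  origin(origin, callback) {
    // Exact match only. Prefix or substring checks would also accept
    // look-alike origins such as https://app.example.com.attacker.test.
    // Passing false means "add no CORS headers", so the browser refuses
    // to hand the response to the calling page.
    callback(null, origin !== undefined && ALLOWED_ORIGINS.has(origin));
  },
  methods: ['GET', 'POST'],
  allowedHeaders: ['Content-Type', 'Authorization'],
  credentials: true, // needs a specific origin, which the callback provides
  maxAge: 600,       // seconds a browser may cache the preflight result
};

// Helper for checking the policy without starting a server.
function originDecision(origin) {
  let decision;
  corsOptions.origin(origin, (err, allow) => {
    decision = err ? 'error' : allow;
  });
  return decision;
}

// Mount once, before any route, so every handler gets the same policy.
// Real usage (assumes express and cors are installed):
//   const app = require('express')();
//   mountCors(app, require('cors'));
function mountCors(app, cors) {
  app.use(cors(corsOptions));
  return app;
}
```

CORS only controls which browser pages may read a response; requests without an Origin header still reach the route handlers, so authentication and authorization stay in the handlers.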
great effort
Noice!
good to know there are lots of pre-built packages that help lots of.
great
I love this "Nothing is bulletproof, but being safe doesn't hurt."