Your node.js implementation doesn't sanitize static file path, allowing an attacker to load any file from disk. Framework would have likely prevented that :)
That said, I also prefer to plug in individual libraries into my own architecture rather than hack around some framework's quirks or, God forbid, try to glue several of them together. Especially in the node ecosystem, which lacks real batteries included mega-frameworks a-la .NET.
Your approach in that todomvc code of doing everything from scratch is going a bit too far for my taste, though.
Your node.js implementation doesn't sanitize static file path, allowing an attacker to load any file from disk. Framework would have likely prevented that :)
Totally! It's definitely going too far. I'd probably add in a routing library too.
I'd love to see a pull request to add your Node implementation if you're up for it!
A framework that parses incoming requests and calls your code is exactly the right choice for the problem of responding to web requests at multiple endpoints. Not for every problem, but for this one, yes.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Your node.js implementation doesn't sanitize static file path, allowing an attacker to load any file from disk. Framework would have likely prevented that :)
That said, I also prefer to plug in individual libraries into my own architecture rather than hack around some framework's quirks or, God forbid, try to glue several of them together. Especially in the node ecosystem, which lacks real batteries included mega-frameworks a-la .NET.
Your approach in that todomvc code of doing everything from scratch is going a bit too far for my taste, though.
Totally! It's definitely going too far. I'd probably add in a routing library too.
I'd love to see a pull request to add your Node implementation if you're up for it!
Sorry, it's not worth fixing IMO.
A framework that parses incoming requests and calls your code is exactly the right choice for the problem of responding to web requests at multiple endpoints. Not for every problem, but for this one, yes.