Explore adding secured HTTP headers to server communications.
- Helmet is a great package that automatically adds 12 HTTP security headers to your application with a few simple lines. So go to helmetjs.github.io, and once you get to this site, you'll see that it's very simple to set up. So, if we scroll down, so if you don't do anything else but the simple setup that we see here, you're gonna get all these headers by default, so all the ones that say default here and cross-checked, that means you get this automatically. So you get dnsPrefetchControl.
You get frameguard for clickjacking. You get remove the X-Powered-By header. You also get HTTP Strict Transport Security, and so on, so forth. So if you want to get more details on any of this, all you have to do is click here, and you're gonna get what is the actual attack, how does the header protect you, and so on, so forth. If you want to install any of the other ones, like noCache, and so on, so forth, it'll show you in the actual information here, how to set it up within the actual code.
So, for example in this case, we would do something like…
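An added example, not part of the video and not Helmet's own code: the Node.js code below applies the four protections the transcript names (dnsPrefetchControl, frameguard, X-Powered-By removal, HSTS) by hand and audits a response for them, so the effect of each header can be checked. The function names `applyBaselineHeaders`, `auditHeaders` and `fakeResponse`, and the header values, are assumptions chosen for illustration.

```javascript
// Added example, not Helmet's source; header values are assumed common ones.
const BASELINE = {
  'X-DNS-Prefetch-Control': 'off',        // dnsPrefetchControl
  'X-Frame-Options': 'SAMEORIGIN',        // frameguard (clickjacking)
  'Strict-Transport-Security': 'max-age=15552000; includeSubDomains', // HTTPS only
};
// Middleware-shaped: res needs Node's setHeader/removeHeader methods.
function applyBaselineHeaders(req, res, next) {
  for (const [name, value] of Object.entries(BASELINE)) res.setHeader(name, value);
  res.removeHeader('X-Powered-By');       // stop advertising the framework
  if (typeof next === 'function') next();
}

// Audit response headers (any casing); return one finding per missing protection.
function auditHeaders(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);
  const findings = [];
  if (h['x-dns-prefetch-control'] !== 'off')
    findings.push('dnsPrefetchControl: X-DNS-Prefetch-Control is not "off"');
  if (!/^(deny|sameorigin)$/i.test(h['x-frame-options'] || ''))
    findings.push('frameguard: X-Frame-Options is missing or permissive');
  const hsts = /max-age=(\d+)/i.exec(h['strict-transport-security'] || '');
  if (!hsts || Number(hsts[1]) === 0)
    findings.push('hsts: Strict-Transport-Security is missing or disabled');
  if ('x-powered-by' in h)
    findings.push('hidePoweredBy: X-Powered-By discloses "' + h['x-powered-by'] + '"');
  return findings;
}

// Stand-in for http.ServerResponse so the example runs without a socket.
function fakeResponse(initial) {
  const store = {};
  for (const [k, v] of Object.entries(initial)) store[k.toLowerCase()] = v;
  return {
    setHeader(k, v) { store[k.toLowerCase()] = v; },
    removeHeader(k) { delete store[k.toLowerCase()]; },
    getHeaders() { return { ...store }; },
  };
}
// Constructed sample: headers a default, unhardened Express response might carry.
const sampleBefore = { 'X-Powered-By': 'Express', 'Content-Type': 'text/html' };
function demo() {
  const res = fakeResponse(sampleBefore);
  const before = auditHeaders(res.getHeaders());
  applyBaselineHeaders({}, res);
  return { before, after: auditHeaders(res.getHeaders()) };
}
console.log(demo());
```

`auditHeaders` accepts any plain header object, so it can also be pointed at the headers of a real response captured from a staging server.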
- OWASP resources and security threats
- Cross-site scripting and denial of service attacks
- Managing packages in a Node.js app
- Adding two-factor and read-only tokens with npm
- Using prepared statements for SQL/NoSQL
- Encrypting user data and session management
- Adding HTTPS protocol to an application
- Using cookie attributes
- Tools for testing
Skill Level Intermediate
1. Security Overview
OWASP top 10 in Node.js (2m 22s)
2. Best Practices: Packages
3. Best Practices: Data
4. Best Practices: Server Level
5. Tools for Testing