- How to obfuscate/hide information about server from headers in http responses? https://www.npmjs.com/package/helmet 3 comments javahelp
Linking pages
- GitHub - goldbergyoni/nodebestpractices: The Node.js best practices list (March 2023) https://github.com/i0natan/nodebestpractices 129 comments
- GitHub - goldbergyoni/nodebestpractices: :white_check_mark: The Node.js best practices list (December 2023) https://github.com/goldbergyoni/nodebestpractices 94 comments
- We’re under attack! 23+ Node.js security best practices | by Node.js Best Practices | Medium https://medium.com/@nodepractices/were-under-attack-23-node-js-security-best-practices-e33c146cb87d 61 comments
- Nodejs Security - OWASP Cheat Sheet Series https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html 45 comments
- GitHub - dexteryy/spellbook-of-modern-webdev: A Big Picture, Thesaurus, and Taxonomy of Modern JavaScript Web Development https://github.com/dexteryy/spellbook-of-modern-webdev 32 comments
- Migrate Your Express Application to Fastify | AppSignal Blog https://blog.appsignal.com/2023/06/28/migrate-your-express-application-to-fastify.html 14 comments
- How requests are handled | Google App Engine standard environment docs | Google Cloud https://cloud.google.com/appengine/docs/standard/how-requests-are-handled?tab=node.js#streaming_responses 12 comments
- How to secure your web applications (Part 1) | ITNEXT https://medium.com/@geeostan8/how-to-secure-your-web-applications-part-1-cpas-3-715b72973623?sk=d6e529375ca1d2e75bb17685934ce78f&source=friends_link 11 comments
- Security for full-stack web developers: Part 1 - LogRocket Blog https://blog.logrocket.com/security-for-fullstack-web-developers-part-1-a56340283f7c 10 comments
- GitHub - bogeeee/restfuncs https://github.com/bogeeee/restfuncs 9 comments
- Understanding Cookies and Implementing them in Node.js | Engineering Education (EngEd) Program | Section https://www.section.io/engineering-education/what-are-cookies-nodejs/ 6 comments
- csp-by-api - npm https://www.npmjs.com/package/csp-by-api 3 comments
- Secure & Dockerize a MERN Stack App for Production | System Weakness https://systemweakness.com/dockerize-a-mern-stack-app-for-production-with-security-in-mind-part-i-f10c06a3b683 2 comments
- Best Practices for Securing Node.js Applications in Production - Semaphore https://semaphoreci.com/blog/securing-nodejs 1 comment
- The Referer header and the importance of the Referrer-Policy https://wanago.io/2022/03/28/referer-header-referrer-policy/ 0 comments
- How to Securely Implement OAuth in Vue.js - FusionAuth https://fusionauth.io/blog/2020/08/06/securely-implement-oauth-vuejs 0 comments
- Countering MIME sniffing with X-Content-Type-Options and Content-Type headers https://wanago.io/2022/03/14/mime-sniffing-x-content-type-options-content-type/ 0 comments
- http2-proxy - npm https://www.npmjs.com/package/http2-proxy 0 comments
- Use Puppeteer and Nodejs to take screenshots and PDFs — as a Service | by Christian Kaatz | ITNEXT https://chrkaatz.medium.com/use-puppeteer-and-nodejs-to-take-screenshots-and-pdfs-as-a-service-242c207ab851 0 comments
- The danger of iframe clickjacking and how to deal with it https://wanago.io/2022/03/21/iframe-clickjacking-x-frame-options-content-security-policy/ 0 comments
Linked pages
- Express - Node.js web application framework http://expressjs.com/ 389 comments
- Certificate Transparency - Web security | MDN https://developer.mozilla.org/en-US/docs/Web/Security/Certificate_Transparency 44 comments
- X-Content-Type-Options - HTTP | MDN https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options 19 comments
- X-XSS-Protection - HTTP | MDN https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection 11 comments
- Clickjacking - Wikipedia https://en.wikipedia.org/wiki/Clickjacking 5 comments
- Cross-Origin-Opener-Policy - HTTP | MDN https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy 0 comments
- Content Security Policy (CSP) - HTTP | MDN https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP 0 comments