Node Cookbook

By: David Mark Clements, Matteo Collina, Elger, Mathias Buus Madsen

Overview of this book

Today's web demands efficient real-time applications and scalability. Asynchronous event-driven programming is ideal for this, and this is where Node.js comes in. Server-side JavaScript has been here since the 90s, but Node got it right. With Node for tooling and server-side logic, and a browser-based client-side UI, everything is JavaScript. This leads to rapid, fluid development cycles. The full-stack, single language experience means less context-switching between languages for developers, architects and whole teams. This book shows you how to build fast, efficient, and scalable client-server solutions using the latest versions of Node. The book begins with debugging tips and tricks of the trade, and how to write your own modules. Then you'll learn the fundamentals of streams in Node.js, discover I/O control, and how to implement the different web protocols. You'll find recipes for integrating databases such as MongoDB, MySQL/MariaDB, Postgres, Redis, and LevelDB. We also cover the options for building web application with Express, Hapi and Koa. You will then learn about security essentials in Node.js and advanced optimization tools and techniques. By the end of the book you will have acquired the level of expertise to build production-ready and scalable Node.js systems. The techniques and skills you will learn in this book are based on the best practices developed by nearForm, one of the leaders in Node implementations, who supported the work of the authors on this book.
Table of Contents (12 chapters)

Preventing Cross Site Request Forgery

Under the browser security model, a session cookie is valid across all windows and tabs, so a request made from any of them carries the privileges of the logged-in user.

Where Cross Site Scripting (XSS) makes code delivered through one place (be it a malicious site, email, text message, downloaded file, and so on) execute on another site, Cross Site Request Forgery (CSRF) is the act of making a request from one place (again, either a malicious site or otherwise) to another site that a user is logged into, that is, where they have an open HTTP session.

In short, XSS is running malicious code on another site, and CSRF is making a request to another site that executes an action on a logged-in user's behalf.

In this recipe, we're going to secure a server against CSRF attacks.
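The following is an added example, not code from the book (the recipe's own solution is not shown on this page). It sketches one common server-side defense: a `SameSite` session cookie, an `Origin` check, and a CSRF token bound to the session. The names `sessionCookie`, `issueToken`, `tokenMatches` and `checkRequest`, the `x-csrf-token` header, the `sid` cookie name and the sample origins are all assumptions made for illustration.

```javascript
'use strict'
const crypto = require('node:crypto')

// Assumption: a per-deployment secret; generated at start-up for this demo.
const SECRET = crypto.randomBytes(32)
const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS'])

// SameSite=Lax stops the browser attaching the cookie to cross-site POSTs.
function sessionCookie (sessionId) {
  return `sid=${sessionId}; Path=/; HttpOnly; Secure; SameSite=Lax`
}

// Token = HMAC(secret, sessionId): it is tied to one session, so a token
// issued for some other session does not validate against this one.
function issueToken (sessionId) {
  return crypto.createHmac('sha256', SECRET).update(sessionId).digest('hex')
}

function tokenMatches (sessionId, token) {
  if (typeof token !== 'string') return false
  const expected = Buffer.from(issueToken(sessionId))
  const given = Buffer.from(token)
  // timingSafeEqual throws on a length mismatch, so compare lengths first.
  return given.length === expected.length && crypto.timingSafeEqual(given, expected)
}

// Decide whether a request may proceed. `req` is a plain object holding the
// method, the headers and the session id already resolved from the cookie.
function checkRequest (req, allowedOrigin) {
  if (SAFE_METHODS.has(req.method)) return { ok: true }
  const origin = req.headers.origin
  if (origin !== undefined && origin !== allowedOrigin) {
    return { ok: false, reason: 'cross-origin' }
  }
  if (!tokenMatches(req.sessionId, req.headers['x-csrf-token'])) {
    return { ok: false, reason: 'bad-token' }
  }
  return { ok: true }
}

// Constructed sample requests: one from the application's own page, one forged.
const sid = 'session-abc'
const legit = { method: 'POST', sessionId: sid, headers: { origin: 'https://app.example', 'x-csrf-token': issueToken(sid) } }
const forged = { method: 'POST', sessionId: sid, headers: { origin: 'https://evil.example' } }
console.log(checkRequest(legit, 'https://app.example'))
console.log(checkRequest(forged, 'https://app.example'))
```

Safe methods pass without a token only if the server never changes state on `GET`, `HEAD` or `OPTIONS`.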

...
