0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Node Cookbook

You're reading from Node Cookbook Discover solutions, techniques, and best practices for server-side web development with Node.js 14

Product type Paperback

Published in Nov 2020

Publisher Packt

ISBN-13 9781838558758

Length 512 pages

Edition 4th Edition

Languages

JavaScript

Tools

Node.js

Concepts

Server Side Web Development

Author (1):

Bethany Griggs

View More author details

Table of Contents (14) Chapters

Preface

1. Chapter 1: Introducing Node.js 14

2. Chapter 2: Handling I/O FREE CHAPTER

3. Chapter 3: Streams, Streams, Streams

4. Chapter 4: Using Web Protocols

5. Chapter 5: Developing Node.js modules

6. Chapter 6: Exploring Node.js web Frameworks

7. Chapter 7: Working with Databases

8. Chapter 8: Testing with Node.js

9. Chapter 9: Securing Node.js Applications

10. Chapter 10: Performance Optimization

11. Chapter 11: Deploying Node.js Microservices

12. Chapter 12: Debugging Node.js

13. Other Books You May Enjoy

Leave a review - let other readers know what you think

Preventing cross-site scripting attacks

XSS attacks are client-side injection attacks where malicious scripts are injected into websites. XSS vulnerabilities are very dangerous, as they can compromise trusted websites.

In this recipe, we're going to demonstrate an XSS vulnerability and learn how we can protect against them.

Getting ready

In this recipe, we'll create an Express.js server that is vulnerable to an XSS attack. We must first create the vulnerable Express.js server:

Let's first create a directory to work in:

$ mkdir express-xss
$ cd express-xss
$ npm init --yes

Now, we need to install express:
```
$ npm install express
```
Create a file to store the Express.js server:
```
$ touch server.js
```
Add the following to server.js. This will create a server that renders a simple HTML web page that is susceptible to an XSS attack:
```
const express = require("express");
const app = express();
app.get("/", (req, res) => {
  const...
```

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Bethany Griggs

Bethany Griggs

Bethany Griggs is a senior software engineer at Red Hat. With a strong background in software engineering, Bethany has been actively involved in the Node.js community since 2016. She began her career with Node.js at IBM as part of their Node.js Runtime Team, contributing to the project's growth and stability by serving on the Node.js Technical Steering Committee and being an active member of the Node.js Release Working Group. Bethany is committed to the stability and growth of open source technologies and their communities. A frequent speaker at industry conferences, she shares insights on Node.js and software development. She aims to continue to enhance developer experiences, driving innovation while maintaining the robustness and stability of the tools and platforms.

See other products by Bethany Griggs

Other recommended products

Related to this chapter

Today's web demands efficient real-time applications and scalability. Asynchronous event-driven programming is ideal for this, and this is where Node.js comes in. Server-side JavaScript has been here since the 90s, but Node got it right. With Node for tooling and server-side logic, and a browser-based client-side UI, everything is JavaScript. This leads to rapid, fluid development cycles. The full-stack, single language experience means less context-switching between languages for developers, architects and whole teams.

Jul 2017 21h 52m

Today's web demands efficient real-time applications and scalability. Asynchronous event-driven programming is ideal for this, and this is where Node.js comes in. Server-side JavaScript has been here since the 90s, but Node got it right. With Node for tooling and server-side logic, and a browser-based client-side UI, everything is JavaScript. This leads to rapid, fluid development cycles. The full-stack, single language experience means less context-switching between languages for developers, architects and whole teams.

Jul 2017 21h 52m

Today's web demands efficient real-time applications and scalability. Asynchronous event-driven programming is ideal for this, and this is where Node.js comes in. Server-side JavaScript has been here since the 90s, but Node got it right. With Node for tooling and server-side logic, and a browser-based client-side UI, everything is JavaScript. This leads to rapid, fluid development cycles. The full-stack, single language experience means less context-switching between languages for developers, architects and whole teams.

Jul 2017 21h 52m

Server Side development with Node.js and Koa.js Quick Start Guide

Server Side development with Node.js and Koa.js Quick Start Guide

Every developer wants to build modular and scalable web applications. Modern versions of the JavaScript language have made this possible in Node.js, and Koa is a Node.js framework that makes it easy. This book is the ideal introduction for JavaScript developers who want to create scalable serverside applications using Node.js and Koa.js.

Nov 2018 4h 24m

Server Side development with Node.js and Koa.js Quick Start Guide

Server Side development with Node.js and Koa.js Quick Start Guide

Every developer wants to build modular and scalable web applications. Modern versions of the JavaScript language have made this possible in Node.js, and Koa is a Node.js framework that makes it easy. This book is the ideal introduction for JavaScript developers who want to create scalable serverside applications using Node.js and Koa.js.

Nov 2018 4h 24m

MERN Quick Start Guide

MERN Quick Start Guide

The MERN stack is a collection of great tools – MongoDB, ExpressJS, React, and Node – that provide a strong base for a developer to build easily maintainable web applications. With each of them a JavaScript or JavaScript-based technology, the shared programming language means it takes less time to develop web applications.

May 2018 10h 4m

MERN Quick Start Guide

MERN Quick Start Guide

The MERN stack is a collection of great tools – MongoDB, ExpressJS, React, and Node – that provide a strong base for a developer to build easily maintainable web applications. With each of them a JavaScript or JavaScript-based technology, the shared programming language means it takes less time to develop web applications.

May 2018 10h 4m

MERN Quick Start Guide

MERN Quick Start Guide

The MERN stack is a collection of great tools – MongoDB, ExpressJS, React, and Node – that provide a strong base for a developer to build easily maintainable web applications. With each of them a JavaScript or JavaScript-based technology, the shared programming language means it takes less time to develop web applications.

May 2018 10h 4m

MERN Quick Start Guide

MERN Quick Start Guide

The MERN stack is a collection of great tools – MongoDB, ExpressJS, React, and Node – that provide a strong base for a developer to build easily maintainable web applications. With each of them a JavaScript or JavaScript-based technology, the shared programming language means it takes less time to develop web applications.

May 2018 10h 4m

MERN Quick Start Guide

MERN Quick Start Guide

The MERN stack is a collection of great tools – MongoDB, ExpressJS, React, and Node – that provide a strong base for a developer to build easily maintainable web applications. With each of them a JavaScript or JavaScript-based technology, the shared programming language means it takes less time to develop web applications.

May 2018 10h 4m

MERN Quick Start Guide

MERN Quick Start Guide

The MERN stack is a collection of great tools – MongoDB, ExpressJS, React, and Node – that provide a strong base for a developer to build easily maintainable web applications. With each of them a JavaScript or JavaScript-based technology, the shared programming language means it takes less time to develop web applications.

May 2018 10h 4m

Hands-On RESTful Web Services with TypeScript 3

Hands-On RESTful Web Services with TypeScript 3

With RESTful strategy, you can create APIs for every medium such as mobile apps, web apps, and so on. In the development world, serving data is the key ingredient to developing comprehensive applications. This book will help you achieve this with the help of RESTful APIs.

Mar 2019 15h 40m

Personalised recommendations for you

Based on your interests and search pattern

Modern Full-Stack React Projects

Modern Full-Stack React Projects

Full-Stack React Projects is a complete guide to learning full-stack web development, understanding the creation and integration of backend systems, and advancing your career as a frontend developer.

Jun 2024 16h 52m

Mastering Node.js Web Development

Mastering Node.js Web Development

Explore Node.js with practical examples that will teach you how to utilize open-source packages for real-world solutions. Gain the skills to develop and deploy server-side applications that enhance your client-side projects.

Jun 2024 25h 56m

Reactive Patterns with RxJS and Angular Signals

Reactive Patterns with RxJS and Angular Signals

This RxJS book will help you understand the core concepts of RxJS and provide practical patterns to make your code more reactive and declarative. You'll also understand Angular Signals, which provide another way to improve code reactivity.

Jul 2024 8h 28m

API Testing and Development with Postman

API Testing and Development with Postman

Whether you are a tester or a developer working with APIs, you'll be able to put your knowledge to work with this practical guide to using Postman. The book provides a hands-on approach to implementing and learning the associated methodologies that will have you up-and-running and productive in no time.

Jun 2024 11h 56m

API Testing and Development with Postman

API Testing and Development with Postman

Whether you are a tester or a developer working with APIs, you'll be able to put your knowledge to work with this practical guide to using Postman. The book provides a hands-on approach to implementing and learning the associated methodologies that will have you up-and-running and productive in no time.

Jun 2024 11h 56m

FastAPI Cookbook

FastAPI Cookbook

This book helps you unlock the power of FastAPI to build high-performing web apps and APIs by taking you through the basics like routing and data validation through to advanced topics, such as custom middleware and WebSockets.

Aug 2024 11h 56m

Mastering Spring Boot 3.0

Mastering Spring Boot 3.0

This hands-on guide empowers you to develop scalable and efficient applications. You'll also learn microservices patterns, reactive programming, and security measures for building robust backend systems.

Jun 2024 8h 32m

Nuxt 3 Projects

Nuxt 3 Projects

This book is a comprehensive guide to Nuxt.js, which takes you from the basics to advanced topics. Uniquely, this book emphasizes practical, project-based learning, tackling real-world problems.

Jun 2024 7h 40m

Vue.js 3 for Beginners

Vue.js 3 for Beginners

Learning a new language by following video tutorials, blog posts, and documentation is a tiresome activity. This book will take you on an exciting journey of becoming a proficient Vue.js developer through a practical, step-by-step approach.

Sep 2024 10h 4m

Full-Stack Web Development with TypeScript 5

Full-Stack Web Development with TypeScript 5

The book emphasizes best practices, debugging, performance optimization, and scalable code structure, helping you develop practical skills in frontend and backend development, database integration, and AI integration.

Mastering Flask Web and API Development

Mastering Flask Web and API Development

The book is an introduction to Flask that will showcase its baseline, core, and advanced integration features to enable you to solve enterprise-related problems and issues in both web and API development.

Aug 2024 16h 28m