Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Node Cookbook

You're reading from   Node Cookbook Discover solutions, techniques, and best practices for server-side web development with Node.js 14

Arrow left icon
Product type Paperback
Published in Nov 2020
Publisher Packt
ISBN-13 9781838558758
Length 512 pages
Edition 4th Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Bethany Griggs Bethany Griggs
Author Profile Icon Bethany Griggs
Bethany Griggs
Arrow right icon
View More author details
Toc

Table of Contents (14) Chapters Close

Preface 1. Chapter 1: Introducing Node.js 14 2. Chapter 2: Handling I/O FREE CHAPTER 3. Chapter 3: Streams, Streams, Streams 4. Chapter 4: Using Web Protocols 5. Chapter 5: Developing Node.js modules 6. Chapter 6: Exploring Node.js web Frameworks 7. Chapter 7: Working with Databases 8. Chapter 8: Testing with Node.js 9. Chapter 9: Securing Node.js Applications 10. Chapter 10: Performance Optimization 11. Chapter 11: Deploying Node.js Microservices 12. Chapter 12: Debugging Node.js 13. Other Books You May Enjoy

Guarding against cross-site request forgery attacks

CSRF is an attack where a malicious web application causes a user's web browser to execute an action on another trusted web application where the user is logged in.

In this recipe, we're going to learn how we would secure an Express.js server against CSRF attacks.

Important Note

Browser security has improved significantly in recent years. It's very difficult to replicate a CSRF attack on any modern browser. However, as there are still many users on older browsers, it's important to understand how these attacks work and how to protect against them. In the recipe, we will replicate a CSRF attack on the same domain. Refer to the Developers: Get Ready for New SameSite=None; Secure Cookie Settings (https://blog.chromium.org/2019/10/developers-get-ready-for-new.html) Chromium blog, which covers some of the updates that have been made to Google Chrome to prevent CSRF attacks.

Getting ready

  1. Start by...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image