Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Node Cookbook Actionable solutions for the full spectrum of Node.js 8 development

Product type Paperback

Published in Jul 2017

Publisher Packt

ISBN-13 9781785880087

Length 656 pages

Edition 3rd Edition

Languages

JavaScript

Tools

Node.js

Concepts

Server Side Web Development

Authors (4):

David Mark Clements

Peter Elger

Mathias Buus Madsen

Matteo Collina

View More author details

Table of Contents (12) Chapters

Preface

1. Debugging process*

2. Writing Modules FREE CHAPTER

3. Coordinating I/O

4. Using Streams

5. Wielding Web Protocols

6. Persisting to Databases

7. Working with Web Frameworks

8. Dealing with Security

9. Optimizing Performance

10. Building Microservice Systems

11. Deploying Node.js

Preventing Cross Site Request Forgery

The browser security model, where a session cookie is valid globally among all windows/tabs, allows for a request to be made with the privileges of the logged in user.

Where Cross Site Scripting (XSS) is making code delivered through one place (be it a malicious site, email, text message, downloaded file, and so on), execute on another site, Cross Site Request Forgery is the act of making a request from one place (again either a malicious site or otherwise) to another site that a user is logged into - that is where they have an open HTTP Session.

In short, XSS is running malicious code on another site and CSRF is making a request to another site that executes an action on a logged in users behalf.

In this recipe, we're going to secure a server against CSRF attacks.

...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (4)

David Mark Clements

David Mark Clements is a principal architect with nearForm, specializing in Node, frontend web, and JavaScript performance. He assists multinationals and start-ups alike with architecture planning, creating and leading development teams, innovation projects, internal evangelism, training, and deep dive consultancy on all aspects of live systems (architecture, performance, infrastructure, and deployment). David is also an avid open source enthusiast, and regularly speaks at various JavaScript and web conferences. Node.js became a core component of his toolset (since version 0.4) due to its versatility, vast ecosystem, and the cognitive ease that comes with full-stack JavaScript. Being primarily self-taught, David Mark Clements has a potent curiosity that typically drives him to approach problems with a unique perspective.

See other products by David Mark Clements

Mathias Buus Madsen

Mathias Buus (@mafintosh) is a self-taught JavaScript hacker from Copenhagen. He works full-time on open source projects and has been working with Node.js since its 0.2 days. Mathias likes to work with P2P and distributed systems, and he is the author of more than 550 modules on npm, including some of the most popular ones for working with streams. In addition, he has spoken about mad science projects at various conferences around the world.

See other products by Mathias Buus Madsen

Elger

Peter Elger is the CTO at nearForm, a consultancy specializing in enterprise digital transformation using the Node.js platform.Formerly a physicist working on the JET nuclear fusion research project, Peter has worked across several industry verticals, including disaster recovery, telecommunications, and social media. Peter has been the cofounder and CTO of two companies prior to nearForm, and he holds degrees in theoretical physics and computer science. Based in Ireland, Peter spends his time consulting for clients, working on open source software, writing, and conference speaking.

See other products by Elger

Matteo Collina

Matteo Collina is the co-founder and CTO of Platformatic who has the goal of removing all friction from backend development. He is also a prolific open source author in the JavaScript ecosystem, and the modules he maintains are downloaded more than 17 billion times a year. Previously, he was the chief software architect at NearForm, the best professional services company in the JavaScript ecosystem. In 2014, he defended his Ph.D. thesis titled Application Platforms for the Internet of Things. Matteo is a member of the Node.js Technical Steering Committee, focusing on streams, diagnostics, and HTTP. He is also the author of the fast logger, Pino, and the Fastify web framework. Matteo is a renowned international speaker after more than 60 conferences, including OpenJS World, Node.js Interactive, NodeConf.eu, NodeSummit, JSConf.Asia, WebRebels, and JsDay, to name just a few. Since August 2023, he also serves as a community director on the OpenJS Foundation. In the summer, he loves sailing the Sirocco.

See other products by Matteo Collina