Episode 315: JSJ 311: Securing Express Apps with Helmet.js with Evan Hahn
JavaScript Jabber
English - May 01, 2018 10:00 - 40 minutes - 37.2 MB - ★★★★ - 58 ratings
Panel:
Charles Max Wood
Special Guests: Evan Hahn
In this episode, the JavaScript Jabber panelists discuss securing Express apps with Helmet.js with Evan Hahn. Evan is a developer at Airtable, a company that builds spreadsheet applications powerful enough to make applications with. He has also worked at Braintree, which does payment processing for companies. They talk about what Helmet.js is, when you would want to use it, and why it can help secure your Express apps. They also touch on when you wouldn’t want to use Helmet and the biggest thing that it saves you from in your code.
In particular, we dive pretty deep on:
Evan intro
JavaScript
What is Helmet.js?
Node and Express
Why would you use the approach of Middleware?
Helmet is not the only solution
HTTP headers
Current maintainer of Helmet.js
npm
Has added a lot to the project, but is not the original creator
Outbound HTTP response headers
Helmet doesn’t fully secure your app but it does help secure it
How does using Helmet work?
Are there instances when you wouldn’t want to use Helmet?
No-cache middleware
Where do you set the configuration options?
Top level Helmet module
12 modules
What is the biggest thing that Helmet saves you from?
Content security policy code
And much, much more!
Links:
Airtable
Braintree
JavaScript
Helmet.js
Node
Express
npm
Evan’s Website
@EvanHahn
Evan’s GitHub
Picks:
Charles
Camera
Zoom H6
Shure SM58
DevChat.tv YouTube
React Round Up
Evan