JSJ 311: Securing Express Apps with Helmet.js with Evan Hahn

Panel: Charles Max Wood Special Guests: Evan HahnIn this episode, the JavaScript Jabber panelists discuss securing Express apps with Helmet.js with Evan Hahn. Evan is a developer at Airtable, which is a company that builds spreadsheet applications that are powerful enough that you can make applications with. He has also worked at Braintree, which does payment processing for companies. They talk about what Helmet.js is, when you would want to use it, and why it can help secure your Express apps. They also touch on when you wouldn’t want to use Helmet and the biggest thing that it saves you from in your code.In particular, we dive pretty deep on:Evan introJavaScript What is Helmet.js?Node and ExpressWhy would you use the approach of Middleware?Helmet is not the only solutionHttp headersCurrent maintainer of Helmet.jsnpmHas added a lot to the project, but is not the original creatorOutbound HTTP response headersHelmet doesn’t fully secure your app but it does help secure itHow does using Helmet work?Are there instances when you wouldn’t want to use Helmet?No cash middlewareWhere do you set the configuration options?Top level Helmet module12 modulesWhat is the biggest thing that Helmet saves you from?Content security policy codeAnd much, much more!Links:AirtableBraintreeJavaScriptHelmet.jsNodeExpressnpmEvan’s Website@EvanHahnEvan’s GitHubPicks:CharlesCameraZoom H6Shure SM58DevChat.tv YoutubeReact Round UpEvanClojureFortuneKantaro: The Sweet Tooth Salaryman

Support this podcast at — https://redcircle.com/javascript-jabber/donations

Privacy & Opt-Out: https://redcircle.com/privacy

Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.