Dominic Barnes - Node Security
Here you can read online Dominic Barnes - Node Security full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2013, publisher: Packt Publishing, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:
Romance novel
Science fiction
Adventure
Detective
Science
History
Home and family
Prose
Art
Politics
Computer
Non-fiction
Religion
Business
Children
Humor
Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.
- Book:Node Security
- Author:
- Publisher:Packt Publishing
- Genre:
- Year:2013
- Rating:5 / 5
- Favourites:Add to favourites
- Your mark:
Node Security: summary, description and annotation
We offer to read an annotation, description, summary or preface (depends on what the author of the book "Node Security" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.
Take a deep dive into the world of securing your Node applications with Node Security
Overview
- Examine security features and vulnerabilities within JavaScript
- Explore the Node platform, including the event-loop and core modules
- Solve common security problems with available npm modules
In Detail
Node.js is a fast-growing platform for building server applications using JavaScript. Now that it is being more widely used in production settings, Node applications will start to be specifically targeted for security vulnerabilities. Protecting your users will require an understanding of attack vectors unique to Node, as well as shared with other web applications.
To secure Node.js applications, well start by helping you delve into the building blocks that make up typical Node applications. By understanding all the layers that you are building on top of, you can write code defensively and securely. In doing so, you will be able to protect your users data and your infrastructure, while still using the rock-star technology behind Node.js.
Teaching you how to secure your Node applications by learning about each of the layers you will be building on top of; starting with JavaScript itself, then the Node platform, and finally the npm module ecosystem. By starting with JavaScript, you will learn what to avoid and what to embrace. Next, we will explain the Node platform, including its unique architecture and core modules, so you know how things work under the hood. Finally, we will introduce the rich ecosystem of npm modules, including modules to help you solve the common security problems you might face. Through our handy tutorials, you will be able to write secure Node.js applications, ones that will remain online under pressure and be able to weather the most common attacks that face web applications today.
What you will learn from this book
- Master the origins of the Node.js and npm projects
- Understand the architecture, including the event-loop and asynchronous I/O
- Delve into the key aspects of avoiding some common pitfalls of JavaScript development
- Incorporate ES5s security improvements, including strict-mode
- Add static code analysis and the code-quality it promotes
- Explore the basics of proper error-handling within Node applications
- Understand the architecture of Express and Connect
- Adapt common authentication and authorization schemes
Approach
A practical and fast-paced guide that will give you all the information you need to secure your Node applications.
Who this book is written for
If you are a developer who wishes to secure your Node applications, whether you are already using Node Security in production, or are considering using it for your next project, then this book will enable you to ensure security of your applications. An understanding of JavaScript is a prerequisite, and some experience with Node is recommended, though not required.
Dominic Barnes: author's other books
Who wrote Node Security? Find out the surname, the name of the author of the book and a list of all author's works by series.
Node Security — read online for free the complete book (whole text) full work
Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Node Security" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.
Font size:
Interval:
Bookmark:
Copyright 2013 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: October 2013
Production Reference: 1211013
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78328-149-7
www.packtpub.com
Cover Image by Prashant Timappa Shetty (<>)
Author
Dominic Barnes
Reviewers
Johannes Boyne
Dan Palmer
Acquisition Editors
Antony Lowe
Grant Mizen
Commissioning Editor
Mohammed Fahad
Technical Editor
Shashank Desai
Project Coordinator
Romal Karani
Proofreader
Hardip Sidhu
Indexer
Rekha Nair
Production Coordinator
Shantanu Zagade
Cover Work
Shantanu Zagade
Dominic Barnes is a web developer as a hobbyist and by profession. Since writing HTML with Microsoft Notepad back in high school, he has grown in skill through the many opportunities he has had. With experiences in ColdFusion, ASP.NET, PHP, and now Node.js, his passion is to create applications that people find useful. To him, the user experience is paramount and requires writing secure and high-performance code, no matter what platform is being used.
I want to thank Jesus Christ above all, for blessing me with the opportunities to serve people through my work with technology. Without Him, I would not be where I am today and I could not do what I do without His work in my life. He has also blessed me richly through my lovely wife, Joanie, who is the best friend I could ever ask for. She has supported and encouraged me through this entire process, and she helps me work hard and put forth excellence in everything I do. I love her very much, and cannot picture my life without her.
Johannes Boyne is the technical project lead for VIRTUAL TWINS, an indoor-navigation and information system by Archkomm GmbH.
His work with Node.js begun with Version 0.4 and since then he has supported the Node.js community, and recently he joined the Node Security Project as an auditor.
He started as a rich Internet application developer and did consulting work later on till he joined Archkomm for the VIRTUAL TWINS project. He is interested in new technologies such as NoSQL, high-performance and highly scalable systems, as well as cloud computing. Besides work he loves sports, reading about new scientific researches, watching movies, and travelling.
He also worked on the books Rich-Internet-Applications with Adobe Flex 3 and Adobe Flex 4 both by the author, Simon Widjaja .
Dan Palmer is a Computer Science Master's student at the University of Southampton, UK, and has worked at as a software developer at a range of companies during his education. He always had a keen interest in security, and has recently completed a placement at MWR InfoSecurity as a security tools developer and penetration tester. He has also worked in the past as a Node.js web developer and Mac OS software developer, making software and services for end users.
I'd like to thank all those I have worked with over the past few years, who have helped me develop my software development skills, and also my appreciation for security in many contexts, and the impact it has across our industry. Thanks Keith , Gerhard , Geoff , Dan , Mike , Martin , Dave , and everyone else. I really appreciate the help and advice you've all given me.
You might want to visit www.PacktPub.com for support files and downloads related to your book.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at > for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
http://PacktLib.PacktPub.com
Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can access, read and search across Packt's entire library of books.
- Fully searchable across every book published by Packt
- Copy and paste, print and bookmark content
- On demand and accessible via web browser
If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view nine entirely free books. Simply use your login credentials for immediate access.
Node.js is a fast-growing platform for building server applications using JavaScript. Now that it is being used more widely in production settings, Node.js applications will begin to be specifically targeted for security vulnerabilities. Protecting your users will require the understanding of attack vectors that are unique to Node.js as well as those shared with other web application platforms.
, Introduction to Node.js , introduces Node.js and explains how it differs from other development platforms.
, General Considerations , goes over the general security considerations, particularly within JavaScript itself as well as Node.js applications in general.
, Application Considerations , addresses the security issues related to the applications in general, including authentication, authorization, and error handling.
, Request Layer Considerations , covers vulnerabilities that are specific to request handling, such as Cross-site Request Forgery ( CSRF ).
, Response Layer Vulnerabilities , deals with the issues that arise during or after the response is processed, such as Cross-site scripting ( XSS ).
To get the most from this book, you should have Node.js installed on your system. Instructions are available for many platforms at http://nodejs.org/. Be familiar with npm and its command-line usage. It is bundled with Node.js, so no additional installation is required.
Font size:
Interval:
Bookmark:
Similar books «Node Security»
Look at similar books to Node Security. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.
Discussion, reviews of the book Node Security and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.