JSJ 311: Securing Express Apps with Helmet.js with Evan Hahn

Panel:
  • Charles Max Wood
Special Guests: Evan Hahn

In this episode, the JavaScript Jabber panelists discuss securing Express apps with Helmet.js with Evan Hahn. Evan is a developer at Airtable, a company that builds spreadsheet applications powerful enough that you can make applications with them. He has also worked at Braintree, which does payment processing for companies. They talk about what Helmet.js is, when you would want to use it, and why it can help secure your Express apps. They also touch on when you wouldn’t want to use Helmet and the biggest thing that it saves you from in your code.

In particular, we dive pretty deep on:
  • Evan intro
  • JavaScript
  • What is Helmet.js?
  • Node and Express
  • Why would you use the approach of Middleware?
  • Helmet is not the only solution
  • HTTP headers
  • Current maintainer of Helmet.js
  • npm
  • Has added a lot to the project, but is not the original creator
  • Outbound HTTP response headers
  • Helmet doesn’t fully secure your app but it does help secure it
  • How does using Helmet work?
  • Are there instances when you wouldn’t want to use Helmet?
  • No cache middleware
  • Where do you set the configuration options?
  • Top level Helmet module
  • 12 modules
  • What is the biggest thing that Helmet saves you from?
  • Content security policy code
  • And much, much more!
