JSJ 311: Securing Express Apps with Helmet.js with Evan Hahn

Panel:
  • Charles Max Wood

Special Guests: Evan Hahn

In this episode, the JavaScript Jabber panelists discuss securing Express apps with Helmet.js with Evan Hahn. Evan is a developer at Airtable, a company that builds spreadsheets powerful enough to make applications with. He has also worked at Braintree, which does payment processing for companies. They talk about what Helmet.js is, when you would want to use it, and why it can help secure your Express apps. They also touch on when you wouldn’t want to use Helmet and the biggest thing that it saves you from in your code.

In particular, we dive pretty deep on:
  • Evan intro
  • JavaScript
  • What is Helmet.js?
  • Node and Express
  • Why would you use the approach of Middleware?
  • Helmet is not the only solution
  • HTTP headers
  • Current maintainer of Helmet.js
  • npm
  • Has added a lot to the project, but is not the original creator
  • Outbound HTTP response headers
  • Helmet doesn’t fully secure your app but it does help secure it
  • How does using Helmet work?
  • Are there instances when you wouldn’t want to use Helmet?
  • No cache middleware
  • Where do you set the configuration options?
  • Top level Helmet module
  • 12 modules
  • What is the biggest thing that Helmet saves you from?
  • Content security policy code
  • And much, much more!
