Tag Archives: Node Apps

Using Underscore.js in Node.js Apps


via Using Underscore.js in Node.js Apps.

Underscore.js is a utility library that is widely used to deal with arrays, collections and objects in JavaScript. It can be used in both frontend and backend JavaScript applications. Uses of this library include filtering arrays, mapping objects, extending objects, operating with functions and more. If you are familiar with LINQ in C#, Underscore.js brings most of the capabilities of LINQ to JavaScript.

Node.js is a platform for building server-side applications using JavaScript. While designing REST APIs in Node.js that interact with NoSQL databases like MongoDB, we get either an object or a collection of objects. In most scenarios, we may not want to send the same object in response to the API. The data has to be mapped to the structure of the Data Transfer Object (DTO) designed for the API. This transformation would take a lot of time and energy if we did it manually. Underscore.js provides a set of handy methods that make our job easier. In this post, we will see how to use Underscore.js and where it fits in Node.js applications.

Note: If you are new to Node.js, check Node.js Tutorial Series – Getting Started

Secure Node Apps Against OWASP Top 10 – Cross Site Request Forgery


via Secure Node Apps Against OWASP Top 10 – Cross Site Request Forgery – Scott Smith.

Welcome to part 4 of the OWASP security series

  1. Injection
  2. Broken Authentication & Session Management
  3. Cross Site Scripting (XSS)
  4. Cross Site Request Forgery (CSRF)
  5. Using Components with Known Vulnerabilities (Coming soon)

In this multipart series, we will explore some of the OWASP top web application security flaws, including how they work and best practices to protect your application from them. The focus will be on Express web applications in Node, but the principles shown can be applied to any framework or environment.

This part will cover cross site request forgery (CSRF).

Add a CLI to Node Apps with Vantage


via Add a CLI to Node Apps with Vantage.

Vantage (GitHub: dthree/vantage, License: MIT, npm: vantage) by David Caccavella is a very nicely packaged module for adding command-line interfaces to your Node applications. It provides two components: a server, and a command-line tool that you use to connect to your live app. Rather than connecting to a TCP port with something like telnet, you actually type vantage in the command-line.

Secure Node Apps Against OWASP Top 10 – Authentication & Sessions


via Secure Node Apps Against OWASP Top 10 – Authentication & Sessions – Scott Smith.

Welcome to part 2 of the OWASP security series

  1. Injection
  2. Broken Authentication & Session Management
  3. Cross Site Scripting (XSS)
  4. Cross Site Request Forgery (CSRF) (Coming soon)
  5. Using Components with Known Vulnerabilities (Coming soon)

In this multipart series, we will explore some of the OWASP top web application security flaws, including how they work and best practices to protect your application from them. The focus will be on Express web applications in Node, but the principles shown can be applied to any framework or environment.

This part will cover broken authentication and session management.