Security is everyone’s responsibility. Helmet protects your Node.js application from some obvious threats. When writing a Node.js + Express.js application, always use Helmet to safeguard your application or API from common security risks such as XSS, using protections like Content Security Policy and other security response headers.
In this article, we will see how we can add Helmet to an existing API and how it bolsters the security of the application. Let’s get started!
· Web application security
· Handy OWASP cheat sheets
· Node.js Web application security
· Example Express Js application
· Express without Helmet Js
· Express Helmet to the rescue
· Helmet js with sane defaults
· Response headers for security
∘ Content Security Policy
∘ Expect Certificate Transparency
∘ Referrer Policy
∘ Strict Transport Security
· Quick scan
· Before Express Helmet
· After Express Helmet
· Conclusion