You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
constusers=[]functiongenerateUsername(firstname,surname){return`${firstname[0]}-${surname}`.toLowerCase();}arr.forEach(element=>{constusername=generateUsername(user.firstname,user.surname);users.push({email: user.email,first_name: user.firstname,
username
})});console.log("user successfully connected",user.email);console.table(users)// Winston specificconstctx={{user: {email: "", } }};// catch the sensitive information from the contextlogger.child({ context: ctx }).info('Order "1234" was processed successfully'); const childLogger = logger.child({ context: ctx });childLogger.info('Order "1234" was processed successfully');
logger.log({
level: 'info',
message: 'user successfully connected' + user.email
});
// constructor function
function Person () {
this.name = 'John',
this.age = 23,
}
// create objects
const person1 = new Person();
const person2 = new Person();
// access properties
console.log(person1.name); // John
console.log(person2.name); // John
Cookies
constsession=require('cookie-session')constexpress=require('express')constapp=express()app.use(session({
...
cookie: {secure: true,// Ensures the browser only sends the cookie over HTTPS.httpOnly: true,// Ensures the cookie is sent only over HTTP(S), not client JavaScript, helping to protect against cross-site scripting attacks.domain: 'example.com',// indicates the domain of the cookie; use it to compare against the domain of the server in which the URL is being requested. If they match, then check the path attribute next.path: 'foo/bar',// indicates the path of the cookie; use it to compare against the request path. If this and domain match, then send the cookie in the request.expires: expiryDate// use to set expiration date for persistent cookies.}}))// ...constcookieConfig={httpOnly: true,// to disable accessing cookie via client side js//secure: true, // to force https (if you use it)maxAge: 1000000,// ttl in seconds (remove this option and cookie will die when browser is closed)signed: true// if you use the secret with cookieParser};app.get('/set',(req,res)=>{res.cookie('test',user.email,cookieConfig);});
thrownewCustomError(`Error with ${user.email}`)throw`${user.email}`reject('Error with user '+user.email);Promise.reject(newError('fail'+user.email))
Weak Encryption
varcrypto=require('crypto');varkey='secret key';varencrypted=crypto.createHmac('sha1',key).update(user.password)varhashmd5=crypto.createHash('md5').update(user.password)varencrypted=crypto.createHmac('sha1',key).update(password)varhashmd5=crypto.createHash('md5').update(password)// Should use BCrypt or Scrypt for encrypting password
SSL Verification
constexpress=require('express')constapp=express()consthelmet=require('helmet')app.use(helmet())// import express from "express";// import { express } from "express";// const express = require('express')// app.use(helmet.hsts());// default configurationapp.use(helmet.hsts("<max-age>","<includeSubdomains>"));// custom configuration
// GET request for remote image in node.jsaxios({method: 'get',url: 'http://example.com',}).then(function(response){response.data.pipe(fs.createWriteStream('ada_lovelace.jpg'))});
https://www.npmjs.com/package/hot-shots
<script>
tags<script>
tagsAnalytics and logging libraries currently unsupported
Analytics libraries we support for Ruby but that we won't support for JS yet:
Code Snippets Examples
Loggers
Cookies
Links
File Generation
Session / Local Storage
Sentry
Exceptions
Weak Encryption
SSL Verification
Links
JWT
Links
HTTP Get/Post
Detect Insecure URL + Insecure params
Detect Insecure URL
Functions
The text was updated successfully, but these errors were encountered: