Book Image

Mastering Web Application Development with Express

By : Alexandru Vladutu
Book Image

Mastering Web Application Development with Express

By: Alexandru Vladutu

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Mastering Web Application Development with Express
Alexandru Vladutu
Sep, 2014 | 358 pages
No titles found
Table of Contents (18 chapters)
Mastering Web Application Development with Express
Mastering Web Application Development with Express
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Diving into Express
Diving into Express
The best parts of Express
Comparing Express with other frameworks
Use cases
Express into the wild
The application structure
Summary
2
Component Modularity Using Middleware
Component Modularity Using Middleware
Connecting middleware
The functionality of middleware
Creating configurable middleware
Environment-based loading of middleware
Express routes
Ordering of middleware
Handling errors with middleware
Mounting subapplications
Replicating the middleware system
Summary
3
Creating RESTful APIs
Creating RESTful APIs
An overview of REST
SmartNotes application requirements
Creating RESTful URLs of the application
Implementing the SmartNotes application
API versioning
API rate limiting
Throttling
Facilitating caching
Content negotiation
Summary
4
Leveraging the Power of Template Engines
Leveraging the Power of Template Engines
The different types of template engines
View helpers and application-level data
Sharing code between templates with partial views
DRY templates with layouts
Template engine consolidation with consolidate.js
View caching in production
Integrating a template engine with Express
Choosing a template engine
Summary
5
Reusable Patterns for a DRY Code Base
Reusable Patterns for a DRY Code Base
Creating the MovieApp sample application
Error checks and callback functions
Tiny modules for better control flow
Ensuring a single callback execution
Extending objects in a reusable way
A simple way to create custom errors
Summary
6
Error Handling
Error Handling
Runtime (operational) errors and human errors
Ways of delivering errors in the Node applications
Strings instead of errors as an antipattern
Improving stack traces
Handling uncaught exceptions
Logging errors
Creating a custom Express error handler
Richer errors with VError
Error handling in a practical application
Summary
7
Improving the Application's Performance
Improving the Application's Performance
Serving static resources with Express
Backend improvements
Summary
8
Monitoring Live Applications
Monitoring Live Applications
Logging
Simple tips for improving the application monitoring
Collecting metrics
Useful existing monitoring tools
Ensuring the application uptime
Summary
9
Debugging
Debugging
A better error-handling middleware
Using a debug flag
Debugging routes and middleware
Using the V8 debugger
Debugging memory leaks
Adding a REPL to our Express application
Removing debugging commands
Summary
10
Application Security
Application Security
Running Express applications on privileged ports
Cross-site request forgery protection
Cross-site scripting
HTTP security headers with Helmet
Handling file uploads
Session middleware parameters
Reauthenticating the user for sensitive operations
Summary
11
Testing and Improving Code Quality
Testing and Improving Code Quality
The importance of having automated tests
Testing toolbox
Creating and testing an Express file-sharing application
Running tests before committing in Git
Code coverage
Complexity analysis of our code
Code linting
Load testing
Client-side testing
Continuous Integration
Summary
Index
Index

Running Express applications on privileged ports

The root user on Unix systems is a special user who has the ability to make system-wide changes and practically has full control over the machine. If we run an Express application as the root, and it has a vulnerability that is exploited by a hacker, then the hacker can cause a lot of damage, such as formatting the disk for instance.

To bind a web application to a port below 1024, (such as ports 80 or 443), root permissions are needed, but there are some workarounds to the problem, which are as follows:

Previous Section
End of Section 2
Next Section