- Don't run as root.
- For sessions, set
httpOnly
(andsecure
totrue
if running over SSL) when setting cookies. - Use the Helmet for secure headers: https://github.com/evilpacket/helmet
- Enable
csrf
for preventing Cross-Site Request Forgery: http://expressjs.com/api.html#csrf - Don't use the deprecated
bodyParser()
and only use multipart explicitly. To avoid multiparts vulnerability to 'temp file' bloat, use thedefer
property andpipe()
the multipart upload stream to the intended destination.
(by @andrestaltz)
If you prefer to watch video tutorials with live-coding, then check out this series I recorded with the same contents as in this article: Egghead.io - Introduction to Reactive Programming.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Promise.all is good for executing many promises at once | |
Promise.all([ | |
promise1, | |
promise2 | |
]); | |
// Promise.resolve is good for wrapping synchronous code | |
Promise.resolve().then(function () { | |
if (somethingIsNotRight()) { | |
throw new Error("I will be rejected asynchronously!"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
defmodule Map.Helpers do | |
@moduledoc """ | |
Functions to transform maps | |
""" | |
@doc """ | |
Convert map string camelCase keys to underscore_keys | |
""" | |
def underscore_keys(nil), do: nil |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Elixir CI | |
on: | |
push: | |
branches: [ master ] | |
pull_request: | |
branches: [ master ] | |
env: | |
MIX_ENV: test |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
set -o nounset | |
set -o errexit | |
usage(){ | |
echo "Usage: $0 X.Y.Z dev|test|staging|prod" | |
echo "" | |
echo "example: ./deploy.sh 1.1.3 prod" | |
echo "example: ./deploy.sh 1.2.0 dev" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM elixir:1.11.2 AS build | |
## instll some dependencies (webpack basically) | |
RUN \ | |
apt-get update -y && \ | |
curl -sL https://deb.nodesource.com/setup_14.x | bash - && \ | |
apt-get install -y nodejs && node -v && npm -v | |
# Required environment variables passed in via --build-arg flags |
OlderNewer