Nil Gradisnik nilgradisnik

  • Airbnb
  • Seattle, WA
@constantology
constantology / process.logger.js
Created July 24, 2014 09:39
using node's process to emit events to log stuff from anywhere
// use like this:
// process.emit( 'app:log', module, arg1, arg2, ..., argN );
var Module = require('module');
function logConsole(method, module) {
    var args = [(new Date()).toJSON(), method];
    var index = 1;
    if (module instanceof Module) {
@cerebrl
cerebrl / 1-securing-express.md
Last active August 2, 2023 22:48
Securing ExpressJS

tl;dr

  1. Don't run as root.
  2. For sessions, set httpOnly (and secure to true if running over SSL) when setting cookies.
  3. Use Helmet for secure headers: https://github.com/evilpacket/helmet
  4. Enable csrf for preventing Cross-Site Request Forgery: http://expressjs.com/api.html#csrf
  5. Don't use the deprecated bodyParser() and only use multipart explicitly. To avoid multipart's vulnerability to 'temp file' bloat, use the defer property and pipe() the multipart upload stream to the intended destination.
@saniko
saniko / app.js file
Created October 11, 2012 16:59
a very simple bootstrap boilerplate for building backbone.marionette based on require.js
define([
    'jquery',
    'underscore',
    'backbone',
    'marionette',
    'handlebars',
    'text!templates/app_view.html',
    'modules/mainMenuView/mainMenuView',
@proudlygeek
proudlygeek / client_cors.js
Created July 17, 2012 20:48
JSONP Vs. CORS
// http://jsfiddle.net/suBPQ/
$.ajax({
    url: "http://api_test_server.proudlygeek.c9.io/",
    success: function(data) {
        console.log(data);
    }
});