rajeshkumaravel

# config to don't allow the browser to render the page inside an frame or iframe
# and avoid clickjacking http://en.wikipedia.org/wiki/Clickjacking
# if you need to allow [i]frames, you can use SAMEORIGIN or even set an uri with ALLOW-FROM uri
# https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options
add_header X-Frame-Options SAMEORIGIN;

# when serving user-supplied content, include a X-Content-Type-Options: nosniff header along with the Content-Type: header,
# to disable content-type sniffing on some browsers.
# https://www.owasp.org/index.php/List_of_useful_HTTP_headers
# currently suppoorted in IE > 8 http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx

rajeshkumaravel

// consumer1.js
const kafka           = require('kafka-node');
const CONFIG          = require('../config/index');
const _TOPIC          = CONFIG.KAFKA.TOPICS.TOPIC_1;

try {
  const { Consumer }  = kafka;
  const client        = new kafka.KafkaClient(CONFIG.KAFKA.SERVER);
  const consumer      = new Consumer(
    client,

rajeshkumaravel

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>MediaCapture and Streams API</title>
    <meta name="viewport" content="width=device-width">
    <link rel="stylesheet" href="main.css">
</head>
<body>
    <header>

rajeshkumaravel

With this commit-msg git hook and your branch names have Jira reference(s), your commit messages will be automatically updated to include any missing reference(s) too.

Installation

Place contents of this gist's commit-msg file into your checkout's .git/hooks/commit-msg file and make it executable.

Bash

cd path/to/your/git/checkout \
&& install -vbm 755 <(curl -s https://gist.githubusercontent.com/dberstein/dcc50e171163c3f6e0f23b2b5de5dd49/raw/5e5372ff22a872321ad1f5469a4d579c15ce498a/commit-msg) "$(git rev-parse --git-dir)/hooks/commit-msg"

rajeshkumaravel

#!/bin/sh
# .git/hooks/commit-msg
test "" != "$(egrep '[A-Z]{3,}-\d+' "$1")" || {
    echo >&2 Commit message requires JIRA code.
    exit 1
}

rajeshkumaravel

Running editors in local (Development Purpore)

---

• Create folder thirdparty/ under SunbirdEd-portal/src/app/client/src/
• Download all editors from artifacts URL
• Extract each archive to separate folder
• Move the extracted folder(s) to thirdparty folder
• Update environment variable file (devConfig) *

rajeshkumaravel

How to make your NodeJS application or API secure ?

---

How to prevent these attacks from happening in your own project?

Preventing DOS Attacks

1. First thing to consider when dealing with DOS attacks prevention is to limit the actual payload that user can submit to your app / api / service. You can limit the body payload using body-parser. If you are using ExpressJS as your backend framework, then you are golden. ExpressJS comes with built-in body-parser that you can use.

rajeshkumaravel

'use strict'

const rTracer = require('cls-rtracer')

// first - configure winston logger

const { createLogger, format, transports } = require('winston')
const { combine, timestamp, printf } = format

// a custom format that outputs request id

rajeshkumaravel

{
  "100": "Continue",
  "101": "Switching Protocols",
  "102": "Processing",
  "200": "OK",
  "201": "Created",
  "202": "Accepted",
  "203": "Non-Authoritative Information",
  "204": "No Content",
  "205": "Reset Content",

rajeshkumaravel

STEPS TO SETUP DESKTOP APP

1. Fork and clone https://github.com/Sunbird-Ed/SunbirdEd-portal
2. Install dependencies src/desktop && yarn install
3. Install dependencies cd OpenRAP && yarn install
4. Generate build under cd src/desktop/OpenRAP && npm run pack
5. Copy generated .tgz file path; ex: /home/User1/SunbirdEd-portal/src/desktop/OpenRAP/dist/project-sunbird-OpenRAP-1.0.2.tgz
6. cd ..
7. yarn add path-to-tar file yarn add /home/User1/SunbirdEd-portal/src/desktop/OpenRAP/dist/project-sunbird-OpenRAP-1.0.2.tgz