Tutorial by Examples

CSRF is an attack which forces end user to execute unwanted actions on a web application in which he/she is currently authenticated. It can happen because cookies are sent with every request to a website - even when those requests come from a different site. We can use csurf module for creating cs...

If you choose to handle SSL/TLS in your Node.js application, consider that you are also responsible for maintaining SSL/TLS attack prevention at this point. In many server-client architectures, SSL/TLS terminates on a reverse proxy, both to reduce application complexity and reduce the scope of secur...

The minimal setup for an HTTPS server in Node.js would be something like this : const https = require('https'); const fs = require('fs'); const httpsOptions = { key: fs.readFileSync('path/to/server-key.pem'), cert: fs.readFileSync('path/to/server-crt.pem') }; const app = function ...

Once you have node.js installed on your system, just follow the procedure below to get a basic web server running with support for both HTTP and HTTPS! Step 1 : Build a Certificate Authority create the folder where you want to store your key & certificate : mkdir conf go to tha...

The configuration to make a secure connection using express.js (Since version 3): var fs = require('fs'); var http = require('http'); var https = require('https'); var privateKey = fs.readFileSync('sslcert/server.key', 'utf8'); var certificate = fs.readFileSync('sslcert/server.crt', 'utf8'); ...