- Don't run as root.
- For sessions, set
httpOnly(andsecuretotrueif running over SSL) when setting cookies. - Use the Helmet for secure headers: https://github.com/evilpacket/helmet
- Enable
csrffor preventing Cross-Site Request Forgery: http://expressjs.com/api.html#csrf - Don't use the deprecated
bodyParser()and only use multipart explicitly. To avoid multiparts vulnerability to 'temp file' bloat, use thedeferproperty andpipe()the multipart upload stream to the intended destination.
Anthony Denneulin denneulin
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function slugify(text) | |
| { | |
| return text.toString().toLowerCase() | |
| .replace(/\s+/g, '-') // Replace spaces with - | |
| .replace(/[^\w\-]+/g, '') // Remove all non-word chars | |
| .replace(/\-\-+/g, '-') // Replace multiple - with single - | |
| .replace(/^-+/, '') // Trim - from start of text | |
| .replace(/-+$/, ''); // Trim - from end of text | |
| } |
branneman
/ better-nodejs-require-paths.md
Last active
April 11, 2025 10:39
Better local require() paths for Node.js
When the directory structure of your Node.js application (not library!) has some depth, you end up with a lot of annoying relative paths in your require calls like:
const Article = require('../../../../app/models/article');Those suck for maintenance and they're ugly.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function logClass(target: any) { | |
| // save a reference to the original constructor | |
| var original = target; | |
| // a utility function to generate instances of a class | |
| function construct(constructor, args) { | |
| var c : any = function () { | |
| return constructor.apply(this, args); | |
| } |
Advantages compared to using symbols as enum values:
- Enum values are much more customizable. For example, one can have custom prototype and/or instance methods.
- Enum values get two custom properties:
nameprovides direct access to the name of an enum value.ordinalholds a number, the position of the enum value. Useful for some applications.
- One can use
instanceofto test whether a value is an element of an enum. - One occasionally requested feature for enums is that enum values be numbers (e.g. for flags) or strings (e.g. to compare with values in HTTP headers). That can be achieved by making those values properties of enum values. For an example, see
enum Mode, below.
Static properties of enums:
gtkatakura
/ FunctionalTypeScript.ts
Last active
September 14, 2017 11:53
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // library or otherwise | |
| // { | |
| type Func<T, TResult> = (value: T) => TResult; | |
| type Predicate<T> = Func<T, boolean>; | |
| function compose<TIn, TMiddle, TOut>(f: Func<TMiddle, TOut>, g: Func<TIn, TMiddle>) { | |
| return (value: TIn) => f(g(value)); | |
| } |