ganeshkbhat

const express = require('express');
const bodyParser = require('body-parser');
const helmet = require('helmet');
const csp = require('helmet-csp');

let app = express();

// Implementing basic security defaults using helmet
app.use(helmet());
// CSP Options

ganeshkbhat

const express = require('express');
const bodyParser = require('body-parser');
const helmet = require('helmet');
const csp = require('helmet-csp');
const cors = require('cors');

let app = express();

// Implementing basic security defaults using helmet
app.use(helmet());

ganeshkbhat

const express = require('express');
const bodyParser = require('body-parser');
const helmet = require('helmet');
const csp = require('helmet-csp');
const cors = require('cors');
const rateLimit = require("express-rate-limit");
 
let app = express();

// Implementing basic security defaults using helmet

ganeshkbhat

const myFirstMiddleware = function(req, res, next) {
 someHTTPRequestLibraryOrPUBSUBLibrary.postOrRequest('https://myexternalloggingserver.com/log', {body: req.path})
   .then((data)=>{
      console.log('Sent to logging server', data);
 }, (err) =>{
      console.log('Error Occured, log err to local file', err);
 })
 next();
};

ganeshkbhat

const myFirstMiddleware = function(req, res, next) {
 // Http request to server https://myexternalloggingserver.com/log
 someHTTPRequestLibrary.post('https://myexternalloggingserver.com/log', {body: req.path})
   .then((data)=>{
      next();
 }, (err) =>{
      res.status(500).send('Failed');
 });
};

ganeshkbhat

app.post("/someUrl", function(req, res) {
// Content-Type => "application/json" (Header Content-Type in request)
   let getContent = req.header('content-type');
   if (getContent !== 'application/json') {
   res.status(406).send("Not Acceptable");
   }
// Raw buffer capture in request body (will be covered later)
   const contentBody = JSON.parse(req.body.toString('utf8'));
   res.send(200).send({result:"Success", content: contentBody});
});

ganeshkbhat

app.post("/someUrl", function(req, res) {
 // Check if cookie is sent
   let session = req.cookie.session;
   if (!session) {
   res.status(403).send("Forbidden");
   }
   const contentBody = JSON.parse(req.body.toString('utf8'));
   res.send(200).send({result:"Success", content: contentBody});
});

ganeshkbhat

app.post("/someUrl", function(req, res) {
   let isFresh = req.fresh;
   if (!isFresh) {
   res.status(403).send("Forbidden");
   }
   const contentBody = JSON.parse(req.body.toString('utf8'));
   res.send(200).send({result:"Success", content: contentBody});
});

ganeshkbhat

app.post("/someUrl", function(req, res) {
   let hostname = req.hostname;
   if (hostname !== "xxx") {
   res.status(403).send("Forbidden");
   }
   const contentBody = JSON.parse(req.body.toString('utf8'));
   res.send(200).send({result:"Success", content: contentBody});
});

ganeshkbhat

app.post("/someUrl", function(req, res) {
   let whitelistIPAddress = req.ip;
   if (whitelistIPAddress !== "192.168.0.4") {
   res.status(403).send("Forbidden");
   }
   const contentBody = JSON.parse(req.body.toString('utf8'));
   res.send(200).send({result:"Success", content: contentBody});
});