- Don't run as root.
- For sessions, set
httpOnly(andsecuretotrueif running over SSL) when setting cookies. - Use the Helmet for secure headers: https://github.com/evilpacket/helmet
- Enable
csrffor preventing Cross-Site Request Forgery: http://expressjs.com/api.html#csrf - Don't use the deprecated
bodyParser()and only use multipart explicitly. To avoid multiparts vulnerability to 'temp file' bloat, use thedeferproperty andpipe()the multipart upload stream to the intended destination.
Vighnesh Raut vighnesh153
⚡
vighnesh153
/ 1-securing-express.md
Created
December 13, 2020 04:34
— forked from cerebrl/1-securing-express.md
Securing ExpressJS
vighnesh153
/ mathjax-in-react.md
Created
March 13, 2021 11:51
— forked from GiacoCorsiglia/mathjax-in-react.md
Using MathJax v3 in React
Any improvements or alternative approaches are welcome!
One alternative approach can be found in the CharlieMcVicker/mathjax-react library.
It may be possible to bundle MathJax with the rest of your JavaScript, which might have the nice consequence of allowing you to import it instead of using the global MathJax object. But I found it simpler to include the following at the bottom of my html file; this is the common way to load MathJax.
vighnesh153
/ TvDeviceTypes.kt
Created
October 31, 2024 09:45
— forked from seventhmoon/TvDeviceTypes.kt
TvDeviceTypes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import android.annotation.SuppressLint | |
| import android.content.Intent | |
| import android.content.pm.PackageManager | |
| import android.os.Build | |
| import androidx.annotation.IntDef | |
| //Make sure you have the following declared in Manifest when running on Android 11+ | |
| //<queries> | |
| //<package android:name="com.google.android.tvlauncher" /> | |
| //<package android:name="com.google.android.leanbacklauncher" /> |