JSJ 311: Securing Express Apps with Helmet.js with Evan Hahn
Charles Max Wood
Special Guests: Evan Hahn
In particular, we dive pretty deep on:
- Evan intro
- What is Helmet.js?
- Node and Express
- Why would you use the approach of Middleware?
- Helmet is not the only solution
- Http headers
- Current maintainer of Helmet.js
- Has added a lot to the project, but is not the original creator
- Outbound HTTP response headers
- Helmet doesn’t fully secure your app but it does help secure it
- How does using Helmet work?
- Are there instances when you wouldn’t want to use Helmet?
- No cash middleware
- Where do you set the configuration options?
- Top level Helmet module
- 12 modules
- What is the biggest thing that Helmet saves you from?
- Content security policy code
- And much, much more!