JSJ 311: Securing Express Apps with Helmet.js with Evan Hahn

JavaScript Jabber

Episode | Podcast

Date: Tue, 01 May 2018 10:00:00 +0000

<div class="trix-content"> <div><strong>Panel: </strong></div><ul><li>Charles Max Wood</li></ul><div> <strong>Special Guests: </strong>Evan Hahn</div><div>In this episode, the JavaScript Jabber panelists discuss securing Express apps with Helmet.js with Evan Hahn. Evan is a developer at <a href="https://airtable.com/">Airtable</a>, a company that builds spreadsheet applications powerful enough to build other applications on top of. He has also worked at <a href="https://www.braintreepayments.com/">Braintree</a>, which does payment processing for companies. They talk about what <a href="https://helmetjs.github.io/">Helmet.js</a> is, when you would want to use it, and why it can help secure your <a href="https://expressjs.com/">Express</a> apps. They also touch on when you wouldn’t want to use Helmet and the biggest thing that it saves you from in your code.</div><div><strong>In particular, we dive pretty deep on:</strong></div><ul> <li>Evan intro</li> <li><a href="https://www.javascript.com/">JavaScript</a></li> <li>What is <a href="https://helmetjs.github.io/">Helmet.js</a>?</li> <li> <a href="https://nodejs.org/en/">Node</a> and <a href="https://expressjs.com/">Express</a> </li> <li>Why would you use the approach of middleware?</li> <li>Helmet is not the only solution</li> <li>HTTP headers</li> <li>Current maintainer of Helmet.js</li> <li><a href="https://www.npmjs.com/">npm</a></li> <li>Has added a lot to the project, but is not the original creator</li> <li>Outbound HTTP response headers</li> <li>Helmet doesn’t fully secure your app, but it does help secure it</li> <li>How does using Helmet work?</li> <li>Are there instances when you wouldn’t want to use Helmet?</li> <li>The nocache middleware</li> <li>Where do you set the configuration options?</li> <li>Top-level Helmet module</li> <li>12 modules</li> <li>What is the biggest thing that Helmet saves you from?</li> <li>Content Security Policy (CSP) code</li> <li>And much, much more!</li> 
</ul><div><strong>Links:</strong></div><ul> <li><a href="https://airtable.com/">Airtable</a></li> <li><a href="https://www.braintreepayments.com/">Braintree</a></li> <li><a href="https://www.javascript.com/">JavaScript</a></li> <li><a href="https://helmetjs.github.io/">Helmet.js</a></li> <li><a href="https://nodejs.org/en/">Node</a></li> <li><a href="https://expressjs.com/">Express</a></li> <li><a href="https://www.npmjs.com/">npm</a></li> <li><a href="https://evanhahn.com/">Evan’s Website</a></li> <li><a href="https://twitter.com/evanhahn?lang=en">@EvanHahn</a></li> <li><a href="https://github.com/EvanHahn">Evan’s GitHub</a></li> </ul><div><strong>Picks:</strong></div><div>Charles</div><ul> <li>Camera</li> <li><a href="https://www.amazon.com/Zoom-H6-Six-Track-Portable-Recorder/dp/B00DFU9BRK/ref=sr_1_3?s=musical-instruments&amp;ie=UTF8&amp;qid=1525105848&amp;sr=1-3&amp;keywords=zoom+h6">Zoom H6</a></li> <li><a href="https://www.amazon.com/Shure-SM58-LC-Cardioid-Dynamic-Microphone/dp/B0179T2CM8/ref=sr_1_1_sspa?s=musical-instruments&amp;ie=UTF8&amp;qid=1525105890&amp;sr=1-1-spons&amp;keywords=shure+sm58&amp;psc=1&amp;smid=AZH80ONF88EC1">Shure SM58</a></li> <li><a href="https://www.youtube.com/c/devchattv">DevChat.tv Youtube</a></li> <li><a href="https://devchat.tv/react-round-up">React Round Up</a></li> </ul><div>Evan</div><ul> <li><a href="https://clojure.org/">Clojure</a></li> <li><a href="http://fortune.js.org/">Fortune</a></li> <li><a href="https://www.imdb.com/title/tt6983520/">Kantaro: The Sweet Tooth Salaryman</a></li> </ul> </div>
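The episode's topic list covers how Helmet works as Express middleware, the outbound HTTP response headers it sets, where its configuration options go, and the nocache middleware. The block below is an added illustration of that mechanism and is not code from the episode, from Helmet, or from Evan Hahn: it is a hand-written, dependency-free middleware in Helmet's shape (a factory that takes options and returns an Express-style `(req, res, next)` function) together with a small fake response object so it runs without Express installed. The header names and values are modeled on Helmet's documented defaults, but treat the exact strings as an assumption and compare them against the docs for the Helmet version you install; in a real app the equivalent is simply `app.use(helmet())` early in the middleware chain, with per-route `helmet.noCache()` on sensitive responses.

```javascript
'use strict';

// Added example (not Helmet's own code): a Helmet-style security-header
// middleware for Express, written without dependencies so it runs offline.
// Header values below are modeled on Helmet's documented defaults; the
// exact set and strings are an assumption to be checked against your version.

// Build a Content-Security-Policy value from a camelCase directives object,
// e.g. { defaultSrc: ["'self'"], scriptSrc: ["'self'", 'https://cdn.example.com'] }
// -> "default-src 'self'; script-src 'self' https://cdn.example.com"
function buildCsp(directives) {
  return Object.entries(directives)
    .map(([name, sources]) => {
      const directive = name.replace(/[A-Z]/g, (c) => '-' + c.toLowerCase());
      return `${directive} ${sources.join(' ')}`;
    })
    .join('; ');
}

// Factory, like helmet(options): options live here, at the point of app.use().
// Passing `false` for a group (e.g. contentSecurityPolicy: false) disables it.
function securityHeaders(options = {}) {
  const opts = {
    contentSecurityPolicy: { defaultSrc: ["'self'"], objectSrc: ["'none'"], frameAncestors: ["'self'"] },
    hsts: { maxAge: 15552000, includeSubDomains: true }, // 180 days, HTTPS-only sites
    noCache: false, // off by default; opt in per route for sensitive data
    ...options,
  };

  return function securityHeadersMiddleware(req, res, next) {
    // Outbound response headers must be set before any handler writes the body.
    res.removeHeader('X-Powered-By'); // Express adds this; stop advertising the stack
    res.setHeader('X-Content-Type-Options', 'nosniff'); // no MIME sniffing
    res.setHeader('X-Frame-Options', 'SAMEORIGIN'); // legacy clickjacking defence
    res.setHeader('Referrer-Policy', 'no-referrer');
    res.setHeader('X-DNS-Prefetch-Control', 'off');

    if (opts.contentSecurityPolicy) {
      res.setHeader('Content-Security-Policy', buildCsp(opts.contentSecurityPolicy));
    }
    if (opts.hsts) {
      let value = `max-age=${opts.hsts.maxAge}`;
      if (opts.hsts.includeSubDomains) value += '; includeSubDomains';
      res.setHeader('Strict-Transport-Security', value);
    }
    if (opts.noCache) {
      // Keep responses with secrets out of browser and proxy caches.
      res.setHeader('Cache-Control', 'no-store, no-cache, must-revalidate, proxy-revalidate');
      res.setHeader('Pragma', 'no-cache');
      res.setHeader('Expires', '0');
    }
    next(); // hand off to the next middleware or the route handler
  };
}

// Minimal stand-in for an Express response so the middleware runs without Express.
function fakeResponse() {
  const headers = new Map([['X-Powered-By', 'Express']]); // Express's default header
  return {
    setHeader: (k, v) => headers.set(k, v),
    removeHeader: (k) => headers.delete(k),
    getHeader: (k) => headers.get(k),
    headers,
  };
}

// Push one request through a middleware chain and return the resulting headers.
function runChain(middlewares, req = { method: 'GET', url: '/' }) {
  const res = fakeResponse();
  let i = 0;
  const next = () => { if (i < middlewares.length) middlewares[i++](req, res, next); };
  next();
  return Object.fromEntries(res.headers);
}

// Demo: the default policy for an ordinary page, and a no-cache variant for a
// route that returns sensitive data (e.g. account details).
const defaultHeaders = runChain([securityHeaders()]);
const sensitiveHeaders = runChain([securityHeaders({ noCache: true })]);

console.log(defaultHeaders);
console.log('sensitive route Cache-Control:', sensitiveHeaders['Cache-Control']);
```

The factory shape is the point: the options are decided once where the middleware is registered, every response passes through it before a handler can write, and a route that must not be cached layers the no-cache group on top rather than re-implementing the whole set. It also makes the episode's caveat concrete: these headers only instruct browsers, so they narrow what an injected script or a framed page can do, but they do not validate input or authenticate anyone.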