Express advertises itself in response headers, in the 'X-Powered-By' field. It's generally not a good idea to give out this information, as it makes it easier for hackers to determine what system your app is running on and to find matching exploits.
Link to Challenge : https://www.freecodecamp.org/learn/in...
Written Guide: https://www.notion.so/ganeshh123/Hide...
Full Playlist for this course : Information Security with HelmetJS - ...
All Written Guides for this course : https://www.notion.so/ganeshh123/8ba8...
All My Tutorials can be found at : https://www.notion.so/Tutorials-Ganes...
00:00 - Introduction
00:21 - The Header we want to Remove
01:16 - IMPORTANT - downgrading Helmet to 2.3.0
02:27 - Removing the Header - helmet.hidePoweredBy()
Simple middleware to remove the X-Powered-By HTTP header if it's set.
https://github.com/helmetjs/helmet/tr...
02:52 - Spoofing a Fake Entry to throw off Hackers
03:17 - How to Submit
04:24 - Solution Explanation
————————————————————————————————————
HelmetJS is a type of middleware for Express-based applications that automatically sets HTTP headers to prevent sensitive information from unintentionally being passed between the server and client. While HelmetJS does not account for all situations, it does include support for common ones like Content Security Policy, XSS Filtering, and HTTP Strict Transport Security, among others. HelmetJS can be installed on an Express project from npm, after which each layer of protection can be configured to best fit the project.
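The header removal at 02:27 and the decoy value at 02:52, shown as an added example that is not code from the video, from Helmet or from Express. It is a dependency-free stand-in that reproduces the behaviour on mock responses; `MockResponse`, `expressDefaults`, `respondWith`, `leaksFramework` and the decoy string `PHP 4.2.0` are assumptions made for illustration.

```javascript
// Added example: dependency-free stand-in, not Helmet's or Express's source.
// With Helmet 2.3.0 installed in an Express app, the equivalent calls are:
//   app.use(helmet.hidePoweredBy());                        // remove header
//   app.use(helmet.hidePoweredBy({ setTo: 'PHP 4.2.0' }));  // send a decoy

// Hypothetical response object with the header methods middleware relies on.
class MockResponse {
  constructor() { this.headers = new Map(); }
  setHeader(name, value) { this.headers.set(name.toLowerCase(), String(value)); }
  removeHeader(name) { this.headers.delete(name.toLowerCase()); }
}

// Simulates Express announcing itself on every response by default.
function expressDefaults(req, res, next) {
  res.setHeader('X-Powered-By', 'Express');
  next();
}

// Stand-in for hidePoweredBy: strip the header, or overwrite it when
// a decoy value is supplied through setTo.
function hidePoweredBy(options = {}) {
  return function (req, res, next) {
    if (options.setTo) res.setHeader('X-Powered-By', options.setTo);
    else res.removeHeader('X-Powered-By');
    next();
  };
}

// Run a middleware chain in order and return the headers a client would see.
function respondWith(middlewares) {
  const res = new MockResponse();
  let i = 0;
  const next = () => {
    const mw = middlewares[i++];
    if (mw) mw({}, res, next);
  };
  next();
  return Object.fromEntries(res.headers);
}

// Release check: true when the response still names the real framework.
function leaksFramework(headers) {
  return /express/i.test(headers['x-powered-by'] || '');
}

console.log('default :', respondWith([expressDefaults]));
console.log('hidden  :', respondWith([expressDefaults, hidePoweredBy()]));
console.log('decoy   :', respondWith([expressDefaults, hidePoweredBy({ setTo: 'PHP 4.2.0' })]));
```
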
freeCodeCamp (also referred to as “Free Code Camp”) is a non-profit organization that consists of an interactive learning web platform, an online community forum, chat rooms, online publications and local organizations that intend to make learning web development accessible to anyone. Beginning with tutorials that introduce students to HTML, CSS and JavaScript, students progress to project assignments that they complete either alone or in pairs. Upon completion of all project tasks, students are partnered with other nonprofits to build web applications, giving the students practical development experience.
Thanks for Watching!
Video 02 - Hide Potentially Dangerous Information Using helmet.hidePoweredBy() - freeCodeCamp. This video was added by user Ganesh H on 10 August 2020; it has been viewed on our site 5,693 times and liked by 45 people.