Node Diggity


I’m getting fully stuck into Node.js today, writing a POC service with a number of REST endpoints, using Express. I do like the quick simplicity of setting up entire services in this way, often in just a single file; there’s always that buzz you get from the initial rapid development of any project in its early stages.

One thing I will say, though, is that I do have doubts about my own ability/knowledge when it comes to securing a Node app, as opposed to a Spring/Java service which I’m a lot more accustomed to. I need a bit more experience with Node in production before I reach a reasonable level of confidence in security matters.

In this case, however, the service I am writing is a purely public search engine wrapper, with only GET endpoints and no intrinsic vulnerabilities provided by the endpoints themselves (I have taken care of the obvious SQL injection stuff etc.). With that in mind, I don’t have any huge concerns in deploying the finished version to production.

Best crack on.



