Sails JS security [DRAFT]

  • Writer: Qasim Zee
  • Mar 2, 2015

This is a checklist I am creating for myself to secure different areas of a SailsJS application I am developing these days.

For API security: https://github.com/lucj/sails-oauth2-api

For user authentication and third-party login: PassportJS

CSRF:

This was really important, as Sails by default allows CRUD operations with both GET and POST, so to avoid CSRF I added the following path to routes.js:

"GET /user/create": {response: 'forbidden'},
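
An added example, not code from the original post: a small audit that lists the state-changing blueprint shortcut routes still reachable over GET for each model, given a routes object written in the form shown above. The function names, the model list and the sample objects are constructed for illustration; `shortcuts` is the Sails blueprint setting that controls these routes, which the post does not mention.

```javascript
// Added example: audit a Sails routes object for blueprint shortcut routes
// that change state over GET and are not explicitly blocked.

// Shortcut routes Sails blueprints bind per model when `shortcuts` is enabled.
const STATE_CHANGING_SHORTCUTS = [
  '/:model/create',
  '/:model/update/:id',
  '/:model/destroy/:id',
];

// A route counts as blocked when it maps to the 'forbidden' response,
// the same form used in the post.
function isBlocked(target) {
  return Boolean(target) && typeof target === 'object' &&
    target.response === 'forbidden';
}

// Hypothetical helper: returns the GET shortcut routes left unblocked.
function unblockedShortcuts(models, routes, blueprints) {
  // With shortcuts disabled globally, none of these routes are bound.
  if (blueprints && blueprints.shortcuts === false) return [];
  const findings = [];
  for (const model of models) {
    for (const pattern of STATE_CHANGING_SHORTCUTS) {
      const path = pattern.replace(':model', model);
      // A route address may name the verb ("GET /x") or omit it ("/x"),
      // in which case it applies to every verb.
      const target = routes[`GET ${path}`] || routes[path];
      if (!isBlocked(target)) findings.push(`GET ${path}`);
    }
  }
  return findings;
}

// Constructed sample: the single route from the post and one model.
const sampleRoutes = { 'GET /user/create': { response: 'forbidden' } };
const sampleModels = ['user'];

console.log(unblockedShortcuts(sampleModels, sampleRoutes, { shortcuts: true }));
// → [ 'GET /user/update/:id', 'GET /user/destroy/:id' ]
console.log(unblockedShortcuts(sampleModels, sampleRoutes, { shortcuts: false }));
// → []
```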


I will keep adding more stuff, so please feel free to comment if you think I am missing something.
