Express in Action: Writing, building, and testing Node.js applications

Previous Chapter

Appendix. Other helpful modules

List of Figures

Index

[SYMBOL][A][B][C][D][E][F][G][H][I][J][K][L][M][N][O][P][Q][R][S][T][U][V][W][X][Z]

SYMBOL

^ character % (modulo operator) <% expression %> <%- userString %> <%= myString %> == (double-equals operator) === (strict equality operator). See also ===(triple-equals operator). === (triple-equals operator) ~ character 100 (Continue) status code 101 (Switching Protocols) status code 200 (OK) status code 201 (Created) status code 202 (Accepted) status code 204 (No Content) status code 301 (Moved Permanently) status code 303 (See Other) status code 307 (Temporary Redirect) status code 401 (Unauthorized) error 403 (Forbidden) error 404 (Not Found) error 404 handler middleware

A

a:active Accept header Accepted (202) status code Accepts header Adobe products, and cross-origin web requests a:hover ALLOW-FROM option Angular.js framework APIs, building API versioning CRUD (create, read, update, delete) APIs CRUD applications with HTTP methods HTTP methods Express-powered JSON API HTTP status codes, setting 100 range 200 range 300 range 400 range 500 range JSON API example app.get function app.js file app.listen(3000) app.post function appName property arraywrap package Async utility library auditing code authenticating users, setting up Passport middleware real authentication routes and views serializing and deserializing users automated testing. See testing applications. a:visited Awesome Node.js

B

Backbone.js library bcrypt algorithm beforeEach feature, Mocha best practices file structure pattern localized dependencies executing commands from npm scripts invoking commands directly locking down dependency versions eschewing optimistic versioning npm’s shrinkwrap command upgrading and adding dependencies simplicity bin/ folder Binary JSON. See BSON. bio field biography block body block header <body> tag body-parser module Bootstrap border-radius property bower command breaking changes Browserify, using with Grunt, 2^nd browsers preventing from inferring file type requiring modules in BSON (Binary JSON) bug free code enforcing good JavaScript with JSHint halting after errors happen in callbacks parsing of query strings built-in modules, Node.js

C

cache property callbacks, halting after errors happen in capitalize function, 2^nd Chai assertion library, setting up charAt method Cheerio library, 2^nd Chrome browser, 2^nd clickjacking, prevention of CoffeeScript compiling using connect-assets using connect-assets to compile CommonJS compression module config/ folder Connect framework, 2^nd connect-assets concatenating scripts with directives installing linking to assets from views setting up middleware connect-ratelimit console.log function, 2^nd Consolidate.js library Content Security Policy header cookie module cookie-parser module, 2^nd core parts of conveniences middleware routing subapplications Created (201) status code createdAt property Crockford, Douglas crossdomain.xml file cross-origin web requests, Adobe products and cross-site scripting attack prevention escaping user input mitigating XSS with HTTP headers CRUD (create, read, update, delete) APIs CRUD applications with HTTP methods HTTP methods CSRF (cross-site request forgery) prevention attack example in Express overview _csrf parameter css function cssnext tool cURL command-line tool currentUser property, 2^nd

D

database models Debian DELETE methods DENY option dependencies localized executing commands from npm scripts invoking commands directly safety of auditing code checking against Node Security Project keeping dependencies up to date versions, locking down eschewing optimistic versioning npm’s shrinkwrap command upgrading and adding dependencies dependencies key, package.json --depth flag deserializing users display name displayName field double-equals operator (==) drivers

E

EJS (Embedded JavaScript) adding own filters including other EJS templates within own syntax of ejs variable ejs.filters property Embedded JavaScript. See EJS. encodeURI function ensureAuthenticated err argument error handling middleware expect function expect property Express core parts of conveniences middleware routing subapplications ecosystem surrounding how used minimal philosophy of third-party modules for versus other web application frameworks express.static middleware, 2^nd express() function, 2^nd extending, request object

F

file structure pattern file type, preventing browsers from inferring filters, adding own in EJS findOne Forecast.io Foreman tool Forever tool, 2^nd fs.readFile function fs.stats function functions, in LESS, 2^nd

G

GET methods getProfilePhotoPath function Git version control system Google Chrome. See Chrome browser. Grunt tool compiling LESS using installing minifying JavaScript with running on Heroku using Browserify with using grunt watch grunt-contrib-coffee grunt-contrib-concat grunt-contrib-imagemin grunt-contrib-requirejs grunt-contrib-sass Gruntfile, 2^nd guestbook example program creating views main app code set up starting up Gulp tool

H

Hapi.js framework <header> tag Helmet module, 2^nd Heroku client tool deploying first app making Heroku-ready app making server more crash resistant running Grunt on setting up Homebrew package manager HSTS (HTTP Strict Transport Security) HTML responses, testing <html> element, 2^nd HTML5 Rocks guide HTTP headers, mitigating XSS with HTTP methods http module, Node.js HTTP status codes, setting 100 range 200 range 300 range 400 range 500 range HTTP Strict Transport Security. See HSTS. http variable http.createServer http.createServer function HTTPS protecting users using using Express with

I

_id property, 2^nd idempotence <iframe> element, 2^nd include function includes, in LESS, 2^nd index.ejs installing Grunt tool Node.js integration tests

J

JavaScript, 4^th. See EJS (Embedded JavaScript). enforcing good JavaScript with JSHint minifying using Grunt tool JavaScript: The Good Parts (Crockford) JavaScript, 4^th. See EJS (Embedded JavaScript). enforcing good JavaScript with JSHint minifying using Grunt tool js function JSHint, enforcing good JavaScript using JSON API example Express-powered

K

L

LESS alternatives to compiling using connect-assets compiling using Grunt functions includes mixins nesting variables <link> tag Linux local strategy localized dependencies executing commands from npm scripts invoking commands directly LocalStrategy variable locking down dependency versions eschewing optimistic versioning npm’s shrinkwrap command upgrading and adding dependencies Lodash utility library

M

MEAN (MongoDB, Express, Angular) message variable Meteor framework Method token middleware, 2^nd, 3^rd error handling middleware finding more middleware stack passive middleware code request and response, code that changes static file server example app 404 handler middleware built-in static file middleware middleware Morgan middleware set up writing first function static files with third-party middleware libraries express.static Morgan logger workings of at high level middleware stack Mint mixins in LESS, 2^nd in Pug Mocha testing framework adding more tests Node.js testing reversing tests running code before test setting up Mocha and Chai assertion library testing for errors writing first test module.exports function, 2^nd modules Node.js defining own modules requiring built-in modules requiring third-party modules with package.json and npm requiring in browsers modulo operator (%) MongoDB Mongoose, using to talk to from Node creating user model project setup using model reasons for using setting up SQL and talking to MongoDB from Node using creating user model project setup using model workings of MongoDB, Express, Angular. See MEAN. Mongoose, talking to MongoDB from Node using morgan function Morgan logger Morgan middleware Moved Permanenly (301) status code Mozilla Developer Network multiple static file directories Mustache templating system Myth tool

N

<nav> tag nesting, in LESS, 2^nd No Content (204) status code Node Security Project, checking against Node Version Manager. See NVM. Node, talking to MongoDB from creating user model project setup using model Node.js asynchronous nature of building web server using Express functionality in http module installing modules defining own modules requiring built-in modules requiring third-party modules with package.json and npm overview testing third-party modules for what Express adds to node-canvas NODE_ENV environment variable nodemon non-relational databases noSniff middleware NoSQL databases Not Found (404) error npm executing commands from npm scripts shrinkwrap command start command third-party modules with NVM (Node Version Manager)

O

OK (200) status code OpenSSL optimistic versioning, eschewing

P

package.json, third-party modules with parameters, grabbing to routes params property parse function parseInt function parsing of query strings passive middleware code Passport overview setting up middleware real authentication routes and views serializing and deserializing users passport.authenticate function password field path.join function, 2^nd POST methods Procfile protecting users cross-site request forgery (CSRF) prevention attack example in Express overview cross-site scripting attack prevention escaping user input mitigating XSS with HTTP headers using HTTPS public/ folder Pug layouts in mixins in referencing view using syntax of Pure framework, 2^nd PUT methods

Q

query strings, parsing of

R

randomInteger readFile method regular expressions, using to match routes relational databases render method, 2^nd renderFile function req.body variable req.csrfToken method req.logout function req.query Request (HTTP request client) request handlers request object, extending request.get method require function, 2^nd, 3^rd res.end method, 2^nd, 3^rd res.render function res.send() method, 2^nd res.sendFile method, 2^nd, 3^rd res.status() function response object, extending response-time Roole tool routers routes/ folder routing, 2^nd demo application in action main app code setting up two views example of features of grabbing parameters to routes grabbing query arguments using regular expressions to match routes overview serving static files routing to static files static files with middleware splitting up app using using Express with HTTPS

S

SAMEORIGIN option Sass, as alternative to LESS --save flag, 2^nd Schneier, Bruce <script> tags, 2^nd, 3^rd security Adobe products and cross-origin web requests bug free code enforcing good JavaScript with JSHint halting after errors happen in callbacks parsing of query strings clickjacking, prevention of dependencies safety auditing code checking against Node Security Project keeping dependencies up to date disabling x-powered-by option mindset preventing browsers from inferring file type protecting users cross-site request forgery (CSRF) prevention cross-site scripting attack prevention using HTTPS server crashes See Other (303) status code semantic versioning (semver) sendFile method, 2^nd, 3^rd, 4^th Sequelize tool serializing users server crashes servers, testing with Supertest filling in code for first tests testing HTML responses testing simple API shrinkwrap command, npm simplicity Sinon.JS SQL, MongoDB and SSL (Secure Sockets Layer) static file server example app 404 handler middleware built-in static file middleware middleware Morgan middleware set up writing first function static files routing to with middleware status method strict equality operator (===). See also triple-equals operator (===). String object Structured Query Language. See SQL. Stylus tool subapplications Sublime Text editor Supererror module Supertest, testing servers with filling in code for first tests testing HTML responses testing simple API

T

target attribute TDD (test-driven development) templates, EJS. See EJS. Temporary Redirect (307) status code test/ folder testing applications Mocha testing framework adding more tests Node.js testing reversing tests running code before test setting up Mocha and Chai assertion library testing for errors writing first test overview test-driven development testing Express servers with Supertest filling in code for first tests testing HTML responses testing simple API. See TDD. text/plain content type third-party middleware libraries express.static Morgan logger third-party modules, with package.json and npm throw keyword time joined property TLS (Transport Layer Security) toUpperCase function triple-equals operator (===) Twitter Bootstrap TypeError

U

Ubuntu Uglify task Unauthorized (401) error Underscore.js unit tests upgrading dependencies url variable urlAttempted property User object User.find User-Agent header userAgent property username field users variable

V

variables, in LESS verbs. See methods. view engines complicated view rendering Consolidate.js making all view engines compatible with Express simple view rendering views views directory views/ folder

W

web servers, building with Node.js Windows

X

X-Content-Type-Options header X-Frame-Options header X-Powered-By: Express header x-powered-by option, disabling X-Response-Time header XSS, mitigating with HTTP headers X-XSS-Protection header

Z

Previous Chapter

Appendix. Other helpful modules

List of Figures