Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
I have gone through many articles on SO and Googled a lot but could not find any good premade libraries to prevent XSS (Cross-Site Scripting) with JavaScript for Node.js and PHP for Apache. I have found a lot of code to prevent it, but aren't there some good libraries already available to just include and use?
php-antixss
htmLawed
HTML Purifier
xss_clean.php filter
XSS Protect
HTML XSS Filter
You can also check out Mod Security (kind of a module)
can be libraries, first go through their docs. But I would suggest you use your own code for better prevention against such attacks.
It is essentially possible to automatically prevent XSS attacks, since one little line in the code written by the end-user (the developer using such a theoretical library) can open up an attack.
It isn't possible to write such a library, you just have to be careful.
If it is a high priority project, the only thing you can really do is be careful and get a third-party security audit from a trusted source (though those usually cost several thousand at the low end).
Related
Closed 8 years ago.
How can I convert minimized JavaScript to early Edition?
Is there any software or website for this work?
Thank you for hints.
No, there is no software to unminify JavaScript. You can minify it, but reversing is not possible. If you are creating your own JavaScript code, then you must keep both JavaScript versions, minified and unminified, for future reference.
And if you are using a javascript library or framework then both versions (minified and unminified) will be available on that site.
JavaScript cannot be "unminified". The purpose of minification is to represent the original JavaScript in the least number of characters. However, it is a one-way transformation since there are no clues in the minified version that can lead you back to the original content.
Ex: the variable myLongVariableName can be minified to just a since the JavaScript interpreter doesn't care about human-readable variable names. However, after it's been mapped to a there is no way to map it back to myLongVariableName.
Closed 9 years ago.
I have moderate experience with Ruby on Rails, PHP, SQL and NoSQL databases and CoffeeScript.
I want to build a web analytics tool for people in my country for their local websites, that will also have a main page of top site ranks.
In the beginning I am not asking out of myself to have something as powerful as Piwik or GA, but I want to make a good start. I know I will have to use JavaScript, that is good, I will also need a server-side processing part, but I don't know how to efficiently put these parts together.
I would love to hear about a book about such topic, but I don't think there is one. If possible, please recommend materials and subjects I need to master to make out my plan. Maybe some aids that can help me too.
Why not go through how Piwik uses its tracker? It is open-source, so all sources are available.
Might be a good place to start!
Piwik github
Closed 9 years ago.
I'm working on a single page application and I'm referencing Angular in it. However, the only thing I am using Angular for is the routing (and ng-animate for animating transitions between partials) so that I can change views without reloading the entire page. I don't anticipate using anything else from Angular but I don't know that for sure, as this is my first SPA. I am concerned about things such as load times (especially for international users who aren't near CDNs) as well as security (no point in having potential vulnerabilities if I'm not using those features), etc.
Q: Is using Angular solely for routing overkill? Should I be using something more lightweight?
AngularJS is a framework; using it only for routing is like using a bazooka for a bug...
I think you need a lightweight library.
The best choice for routing IMHO is Sammy.js with mustache.js for templating if you need it.
http://sammyjs.org
http://mustache.github.io
Refer to this post:
Comparison between Sammy.js/History.js/Nav.js
Hope it helps.
Closed 9 years ago.
I am looking for some tools or ways to detect memory leaks and slow methods in my JavaScript app.
You need to use the profiler; I recommend Chrome's. In the profiler the steps are:
Go to the profile part of the developer tools
Get to the part where the slow JS is
Start recording
Start the suspect code
Stop recording
After that, the profiler will tell you everything you want to know about how many objects there are, how much time is spent in each method, etc.
The procedure should be similar with Firebug on Firefox.
Good question. Profilers/browser plugins are handy, but very well may yield results unique to the browser being tested on. There are a number of techniques available, from testing via multiple browsers' plugins/profilers to inline debugging performance statements.
Two good articles with robust examples and recommendations:
How do you performance test JavaScript code?
Memory leak patterns in JavaScript
Closed 8 years ago.
I see that JavaScript is becoming more and more practical as a server-side language with the advent of node.js and v8. As far as frameworks go, most of what I've seen are minimalistic frameworks. Even express.js, one of the more promising ones, is a little bare.
Are there any full stack server-side frameworks out there for JS yet?
There's RingoJS, the current form of the (surprisingly old) Helma framework. It's a Rhino-based implementation, so you can get whatever you want from the JVM (sort-of a "good news/bad news" joke I guess).
Check out towerjs and railwayjs.
There is a very powerful webapp stack called ringojs. It is actually a Rhino prompt that you can use to run JavaScript modules. It is based on Jetty and features a well designed set of modules and a powerful but simple template engine (including inheritance and macros). You can reuse the galaxy of Java libraries out there through simple JavaScript-Java interop. Coming from J2EE development I threw out a lot of ceremony code and configuration - it is very productive, especially tweaking your running webapp through the prompt.