1. When the web server sets cookies, it can provide some additional attributes to make sure the cookies won't be accessible by using malicious JavaScript. One such attribute is HttpOnly.
Set-Cookie: [name]=[value]; HttpOnly
HttpOnly makes sure the cookies will be submitted only to the domain they originated from.
2. The "Secure" attribute can make sure the cookies are sent over a secured channel only.
Set-Cookie: [name]=[value]; Secure
3. The web server can use the X-XSS-Protection response header to make sure the browser does not load a page when it detects a reflected cross-site scripting (XSS) attack.
X-XSS-Protection: 1; mode=block
4. The web server can use the HTTP Content-Security-Policy response header to control what resources a user agent is allowed to load for a certain page. It can help to prevent various types of attacks, such as cross-site scripting (XSS) and data injection attacks.
Content-Security-Policy: default-src 'self' *.sometrustedwebsite.com
Posted Date:- 2021-08-27 13:32:47
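The four settings above, applied from Node.js code, as an added example that is not part of the original answer. The cookie name sid, the helper names and the stand-in response object are assumptions made for illustration, and the CSP source is written as the wildcard host *.sometrustedwebsite.com.

```javascript
// Added example. All function names and the cookie name "sid" are illustrative.
const TOKEN = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/; // characters allowed in a cookie name

// Build a Set-Cookie value carrying the attributes from points 1 and 2.
function buildCookie(name, value) {
  if (!TOKEN.test(name)) throw new TypeError('invalid cookie name');
  // encodeURIComponent escapes CR/LF, ';' and spaces, so a value cannot
  // smuggle in extra cookie attributes or extra response headers.
  return `${name}=${encodeURIComponent(value)}; HttpOnly; Secure`;
}

// Apply the cookie plus the response headers from points 3 and 4.
// `res` is anything with setHeader(), for example Node's http.ServerResponse.
function applySecurityHeaders(res, sessionId) {
  res.setHeader('Set-Cookie', buildCookie('sid', sessionId));
  res.setHeader('X-XSS-Protection', '1; mode=block');
  res.setHeader('Content-Security-Policy',
    "default-src 'self' *.sometrustedwebsite.com");
}

// Audit helper: which of the two attributes are missing from a Set-Cookie value?
function missingCookieAttributes(setCookie) {
  const attrs = setCookie.split(';').slice(1)
    .map((a) => a.trim().split('=')[0].toLowerCase());
  return ['httponly', 'secure'].filter((a) => !attrs.includes(a));
}

// Constructed stand-in for http.ServerResponse so the example runs offline.
function fakeResponse() {
  const headers = {};
  return { headers, setHeader(key, val) { headers[key] = val; } };
}

const res = fakeResponse();
// Constructed session value containing ';' and CRLF to show the escaping.
applySecurityHeaders(res, 'abc123; x=y\r\nX-Injected: 1');
console.log(res.headers);
// Constructed header that lacks both attributes.
console.log(missingCookieAttributes('sid=abc123; Path=/'));
```

In a real server, call applySecurityHeaders(res, id) inside the http.createServer request handler before res.end().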