Download Brochure
Contact Us
Contact Us
Contact Us
Contact Sales
  • Company
  • About Us
  • Investor Relations
  • Community
  • Newsroom
  • Resources
  • Careers
Contact Us
All Synopsys
+ Silicon Design & Verification + Silicon IP + Software Integrity + About Us
Support
SolvNetPlus Software Integrity Customer Community
Global SItes
日本語 简体中文 繁體中文 Русский

Hapi.js Security

Description

Hapi.js is a great choice for a server-side framework because of its first-level support for common security practices. In this microcourse, you will learn about the top 10 Hapi security best practices, which will help to arm you with the knowledge required to keep your Hapi applications locked down. 

Learning Objectives

  • Securely serve static resources 
  • Prevent XSS injections with secure templates 
  • Secure cookies with defined best practices 
  • Perform proper content validation 
  • Protect against CORS and CSRF attacks 
  • Implement a strong content security policy

Course Outline

  • Course Overview
  • Best Practice: Securely Serve Your Static Resources 
  • Best Practice: Use a Trusted Cross-Site Scripting (XSS) Sanitizer
  • Best Practice: Use Secure-Handlebars When Possible 
  • Best Practice: Control Sources of Content 
  • Best Practice: Secure Your Cookies 
  • Best Practice: Validate Everything With Joi 
  • Best Practice: Protect Requests With the Crumb Plugin 
  • Best Practice: Whitelist Allowed Domains Using CORS 
  • Best Practice: Implement a Strong Content Security Policy (CSP) Early 
  • Best Practice: Protect IE Users With X-Download-Options

Details

Duration: 10 minutes

Level: Intermediate

Intended Audience:

  • Back-End Developers
  • Enterprise Developers

Competencies: Basic understanding of the Hapi.js framework

Prerequisites: None

Get more course information

250 / 250

More courses you might like

DevSecOps Security

See course information

Principles of Software Security

See course information

OWASP Top 10 (2017)

See course information

eLearning demo
View course catalog