How it works...

Express's HTTP server capability is built on top of the Node.js HTTP core library. This library provides the bare-bones HTTP server capability, but is generally considered too low-level for your average developer's web-server needs. Node also provides an HTTPS core library that does the same for HTTPS web servers. The main difference is the need to provide an SSL key and certificate to the HTTPS web server. We can load these items as a configuration object in our Express launcher script in /bin/www.

This client-to-server encryption paired with the header protection provided by Helmet and the session security layer by express-session have greatly improved our web application's security. However, security is much more a developer ...

Get MEAN Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.