July 2017
Intermediate to advanced
656 pages
16h 1m
English
Some core modules are very powerful, and we often depend on third-party modules that may perform powerful operations with little transparency.
This could lead to unintended vulnerabilities where user input is passed through a dependency tree and eventually reaches shell commands, inadvertently allowing malicious input to control our server. While this seems unlikely to happen, the implications are severe. Depending on our use case, if we can eliminate the risk, we're better off for it.
Let's write a small function that we can use to throw when a given core module is used, thus allowing us to vet or at least monitor code (dependencies or otherwise) that uses the module.
To demonstrate, let's ...
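One way to write such a function, as an added example that is not the book's own code. It assumes CommonJS `require` and hooks `Module._load`, an undocumented Node.js internal; `preventModuleUse`, its `mode` argument and the stand-in dependency are hypothetical names.

```javascript
'use strict'
// Added example: intercepts CommonJS loading through Module._load, an
// undocumented but long-standing Node.js internal (an assumption of this sketch).
const Module = require('module')

const policies = new Map() // core module name -> 'throw' | 'monitor'
const observed = []        // { request, from } records for monitored modules
const originalLoad = Module._load

// Treat 'node:child_process' and 'child_process' as the same module.
const bare = (name) => name.startsWith('node:') ? name.slice(5) : name

// Hypothetical helper: mode 'throw' blocks the module, 'monitor' only records use.
function preventModuleUse (name, mode = 'throw') {
  policies.set(bare(name), mode)
}

Module._load = function (request, parent, isMain) {
  const name = bare(String(request))
  // Match subpaths too, so a policy on 'fs' also covers 'fs/promises'.
  const mode = policies.get(name) || policies.get(name.split('/')[0])
  if (mode) {
    const from = (parent && parent.filename) || '<unknown>'
    if (mode === 'throw') {
      throw new Error(`core module "${request}" is blocked (required from ${from})`)
    }
    observed.push({ request, from })
  }
  return originalLoad.apply(this, arguments)
}

// Constructed stand-in for a third-party dependency that shells out lazily.
function dependencyThatShellsOut (input) {
  const { execSync } = require('node:child_process')
  return execSync(`echo ${input}`).toString()
}

function demo () {
  preventModuleUse('child_process')
  preventModuleUse('fs', 'monitor')
  require('fs/promises') // allowed, but recorded for later vetting
  try {
    dependencyThatShellsOut('hello')
    return { blocked: false, observed }
  } catch (err) {
    return { blocked: true, message: err.message, observed }
  }
}
```

The hook only sees `require` calls made after it is installed, so it has to be loaded before any dependency; ES module `import` and references to a module obtained earlier are not covered.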