10.1. The security mindset
10.2. Keeping your code as bug-free as possible
10.2.1. Enforcing good JavaScript with JSHint
10.2.2. Halting after errors happen in callbacks
10.2.3. Perilous parsing of query strings
10.3. Protecting your users
10.3.2. Preventing cross-site scripting attacks
10.3.3. Cross-site request forgery (CSRF) prevention
10.4. Keeping your dependencies safe
10.4.1. Auditing the code
10.4.2. Keeping your dependencies up to date
10.4.3. Check against the Node Security Project
10.5. Handling server crashes
10.6. Various little tricks
10.6.2. Preventing clickjacking
10.6.3. Keeping Adobe products out of your site
10.6.4. Don’t let browsers infer the file type
What’s inside