It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
I want to start and learn coding to create a web application. I have experience in Java, C, Lisp, and Perl. I heard node.js is good to learn.
Can anyone suggest a good place to start?
You just need to learn javascript. Pedro Teixeira makes node screencasts which you can watch it at http://nodetuts.com/. Just sit back, relax and watch these screencasts to learn about nodejs.
Furthermore I would advice you to master:
npm: npm is a package manager for node
expressjs.com: High performance, high class web development for Node.js.
socket.io: Socket.IO aims to make realtime apps possible in every browser and mobile device, blurring the differences between the different transport mechanisms.
The basic of these programs are also explained with those screencasts.
You could start with a tutorial like the one at nettuts or the Node Beginner Book for example.
There's also an introduction video on the homepage of node.js itself. Check that out as well.
The "Let's make a webapp" tutorial of dailyjs is also a nice starting Point. And don't forget the Node Guide. There is also a free ebook called Mastering Node which may be interesting.
Related
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 9 years ago.
To start a new project/webapp on Node.js, I need:
Folder Structure;
Libraries (Express, RequireJS, Mocha, Bower, ...);
Software Phases - Build, Compile, Testing, ...;
...
Which is the best Stack for Large-Scale projects on Javascript/Node.js?
Thanks in advance for your help!
First thing's first, keep it simple. Every new tool you add is another dependency, and another potential stress point for the project. With that in mind, some good tools, methodologies, and best-practices for server-side javascript development are:
Folder Structure
This doesn't really matter. Just do what makes sense to you, and what you think will make sense to others if you plan to have collaborators. Search github for Node.JS projects and see how they're structured. I found one good example: https://github.com/thomasdavis/backbonetutorials/tree/gh-pages/examples/nodejs-mongodb-mongoose-restify
Libraries
The libraries you use is going to greatly depend on what type of project you're working on. Does the REST API hit a database? Is it MongoDB, redis, MySQL, Neo4J, ... ? You're going to need an interface for that.
Express is a great framework. (I believe it can start a project for you even.)
Technologies
Have you considered Coffee/Clojure-script? This extra step at compile time can save you a lot of headaches later on. Your code will also be more readable to others. Jslint is another great tool to verify javascript code. Also, I have to suggest using git for version control. If you aren't: learn it, master it, use it. http://www.git-legit.org/
Methods
Your software development strategy will be dependent on what tools you end up using as well as your own personal choices with regard to how you like to write software. I would suggest using Jenkins to continuously integrate your code, and some sort of test framework to ensure what you write is right.
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 9 years ago.
I have been trying Node.js+MongoDB tutorials from Googling and old stackoverflow answers, such as http://dailyjs.com/tags.html#lmawa, http://howtonode.org/express-mongodb, and videos online. Since these tutorials are out-dated by a couple of years (which is a lot for the fast-evolving Node.js), I've been struggling to figure out how to make them work, in vain and pain.
Do you know any RECENT tutorials that work with the latest version of Node.js and MongoDB? Thanks!
You did not mention any specific module you are using to use mongodb. So to begin with choose one. If you check the joyent/node modules page it shows so many modules you can use to work with mongodb.
Please check the page: https://github.com/joyent/node/wiki/modules#wiki-db-nosql-mongo. Most of the packages listed have proper documentation. And you can find tutorials on their pages too. The two most used are mongodb and mongoose.
mongodb
Its documentation page has
Tutorials
API Documentation
External Tutorials
Video Presentations about different topics around the MongoDB and Node.js
mongoose
Project page
Quick Start
API Documentation
Have you looked at:
the GitHub Examples
the Try it in your browser
the comprehensive Readme
official tutorials
last but not least: the official Documentation
All these resources are up to date.
I know node.js is fast evolving, and sometimes documentation lags, but this case you should not have any problems.
Also: Inside the official docs you find a few other resources.
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
We have a new extension that we built for many months and is live on the webstore.
Our extension communicates with our API and we get many fake installs daily - installs that we see in our API and not in the web store.
After many sleepless nights - We suspect that a robot with chrome runs our extension and deletes the local storage every time - this is only our best guess, although we are not sure if it's likely because the IP of each installation is different.
There are many more details - so If you would like to help and need further info let me know what and I can elaborate.
I'm not familiar with this Chrome extension API, BUT, if someone earns money by letting people install your extension then I'd check that lead.
Eventually, the clients (many IPs you say) that apparently "install" your extension report this event by making an HTTP request - again I only presume!
Saying that, it might be that someone controls many computers which simply initiate these HTTP requests to "report" a (fake) installation, thus making money.
If that is the case, and someone does make money out of your extension (could be also INDIRECTLY) then check the affiliate code or whatever, this is even an issue to report to Google itself, they can certainly investigate that.
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 10 years ago.
I am currently writing user interface in ember.js and need some help in server-side decision concerning transfer technologi and server-side script.
App is planned to simply wrap calling of few server-side script with adding some database suggar for handling users permissions and storing inputs-outputs.
Users has to be logged-in for proper work with application.
I am expecting high concurrency of working users and since I can use more paralel threads on server I am not entirely sure if I have to go with Node.js+socket.io.
Half of requests will be simple ask to database requests and other half will need little more computation time of another server-side script (up to 5s).
I will most probably use MongrelDB as database.
My biggest questions:
Is today technologicaly safe to go with pure websockets or is better to have gracefull degradation of Socket.io?
Will node.js scale nicely on multi-core box or should I use something like Mongrel2 with python backend?
Will python backend handle big concurency giving that some responses are really long?
How do I handle logged-in users with node.js+socket.io?
Better to have graceful degradation - because websocket protocol is still in changing rapidly.
For scalling, I'm use Redis pub/sub, but you can use cluster module for multi-core.
Don't know.
I'm share session from connect to socket.io with RedisStorage. You can use RedisStorage only for handle logged-in users.
It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
how to minimize threat on website?can u list the way to minimize that problem?
This is an extremely broad topic, and can't really effectively be answered in one answer. But here's a few common vunerabilities you should be researching and learning about.
XSS (Cross-site scripting) attacks - A method by which the security of your users can be compromised by allowing arbitrary javascript to be executed on your page.
SQL Injection - By allowing arbitrary SQL scripts to be executed on your database, you can give attackers the ability to retrieve senstive information from your database or even destroy data.
Password Security best practices - There's a whole host of information about the proper way to deal with authentication and storage of user information in your database.
There are a handful of universal things to employ:
Good password policies
Avoid SQL injection vulnerabilities
Secure the server itself, not just the website
This list can, and does, go on just about forever. It's a little vague, but then so is your question really.
It sounds like you're asking "How do I do secure web programming?" That's just too broad for this site. You're asking us to impart years of industry knowledge about a very diverse subject into a few paragraphs. It just can't be done.
You're much better off getting some books on the subject. You can start with the Web Security Testing Cookbook. But there are a lot more places to go from there.
Keep in mind that two big parts of "securing a website" are:
Designing it with security in mind from the beginning. Retro-fitting security isn't very reliable. (As an old network admin I worked with once said, even if you put your cotton candy in a steel box, it's still soft and squishy.)
Knowing how to exploit security holes, so as to better test your own implementations.
As others have mentioned, this is a broad topic.
Personally, I would start here: http://www.owasp.org/index.php/Top_10_2010
The OWASP Top 10 list is the basis for PCI compliance, and considered the gold standard by many as far as web applicaiton security. OWASP offers general guidance, as well as specific guidance for any number of platforms. I've learned more about security here than anywhere else.