Going surfing – Protect your Node.js app from Cross-Site Request Forgery

One classic attack when working with web applications is Cross-Site Request Forgery, aka CSRF/XSRF (read C-Surf). Attackers use it to perform requests on behalf of users in your application without them noticing. Let’s look at how they can pull this off and how we can protect our applications from this type of threat. Let’s talk theory: Before we can prevent CSRF attacks we need to…

Putting the helmet on – Securing your Express app

Express is a great way to build a web server using Node.js. It’s easy to get started with and allows you to configure and extend it easily thanks to its concept of middleware. While there are a variety of frameworks to create web applications in Node.js, my first choice is always Express. However, out of the box Express doesn’t adhere to all security best practices. Let’s look at…

Implementing Chat in JavaScript, Node.js and React Apps

If you’re building a chat user interface using JavaScript and React, how do you integrate the rest of the backend functionality into your application? In this article, we’ll start by cloning a Git repository with the completed chat interface, then implement Programmable Chat and test sending and receiving messages between multiple users. Getting Started: We’re going to start with a simple React application that has just a few…

Building a TodoMVC with Twilio Sync and JavaScript

Sharing information between different devices in real time is difficult, but with Twilio Sync it’s just a matter of a few lines of code. To see how Sync works, let’s create our own version of the TodoMVC application using Twilio Sync to store our data and share it across multiple devices. We’ll base our version on a copy of the Vanilla JS version of TodoMVC and alter the storage…

Handling High Volume Inbound SMS and Webhooks with Twilio Functions and Amazon SQS

Do you or a developer you know code for a nonprofit or social enterprise? Twilio.org can help with API credit and discount pricing to increase your impact. When you use Twilio at scale, like our Twilio.org buddies DoSomething and Mobile Commons, webhooks can generate a significant amount of traffic to your web application. Each inbound message and status callback generates an HTTP request to your app. These requests add up quickly…

Building the IT Crowd Answering Machine with Twilio Functions and JavaScript

One of my favorite things from IT Crowd is their “Hello IT” machine. It’s the perfect solution for lazy people who are tired of answering the same IT support questions again and again. With Twilio Functions and the new Speech Recognition, we can build our own version of this machine with just a few lines of code. If you are not familiar with the answering machine from IT…