Hi, I'm trying to sell/provide a web application to my school. It's basically a small clock app which tells students how long they have till next period etc. I would like it to be embedded into the main school website via an IFRAME, but some IT technicians at my school are having security worries. They state that they have internal policies on third party apps, and that Node.js itself is "not secure at all". They referred to something called a CVE list (Is this it? https://www.cvedetails.com/vulnerability-list/vendor_id-12113/Nodejs.html) Are there any other security issues I should be worrying about?My app does not have any forms, anywhere where user can enter in data and does not use cookies. It stores no data from users whatsoever. The only three npm dependencies I have are express, ejs and googleapis. How can I convince them that it would be safe? Any help is appreciated.
Submitted May 31, 2019 at 10:04AM by ThatOneIncident
No comments:
Post a Comment