Daaang Amy
Part of series: Learning the Backend

Let's Go: Ch 5-9


These chapters are a bit slow going. They were mostly about building out the snippet application further, adding features, and how to refactor.

Runtime Errors

Runtime errors are hard to catch, and we must always be careful not to send unintended data to our users, for example half-finished HTML.

Middleware

Where you place middleware is important! Since a request passes through the server as a chain of function calls, placing a middleware in the wrong position in that chain could cause unintended behavior.

Important security headers for HTTP

Note this is not for HTTP/2.

  • Content-Security-Policy
    • used to restrict where the resources on your web page can be loaded from
  • Referrer-Policy
    • control what information is included in a Referer header when a user navigates away from your web page
  • X-Content-Type-Options
  • X-Frame-Options
  • X-XSS-Protection

Panic Recovery

Go's HTTP server will not crash when there is a panic in one of your handlers, BUT that does not mean the user will receive the correct response. In most cases, an unrecovered panic will return an empty response to the user. That’s not very helpful, is it? One solution is to create a middleware that recovers the panic and sends back a server error, which is one of the 500 status codes.

Header: Connection: Close

Indicates that the server or client would like to close the connection. On the server side, use this when there is a bad request.
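The panic recovery, `Connection: close` and middleware ordering notes above, put together as an added example (my own sketch, not code from the book). The `/boom` route, the port and the header values `nosniff` and `deny` are assumptions chosen for illustration.

```go
package main

import (
	"log"
	"net/http"
)

// recoverPanic turns a panic in any handler further down the chain into a
// 500 response instead of an empty reply.
func recoverPanic(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// The deferred function runs while the stack unwinds after a panic.
		defer func() {
			if err := recover(); err != nil {
				// Go's HTTP/1 server closes the connection after this response.
				w.Header().Set("Connection", "close")
				log.Printf("panic: %v", err) // detail stays in the server log
				http.Error(w, "Internal Server Error", http.StatusInternalServerError)
			}
		}()
		next.ServeHTTP(w, r)
	})
}

// secureHeaders sets response headers before the next handler runs.
func secureHeaders(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("X-Content-Type-Options", "nosniff")
		w.Header().Set("X-Frame-Options", "deny")
		next.ServeHTTP(w, r)
	})
}

// newApp wires the chain: recoverPanic is outermost so it also covers
// panics raised inside secureHeaders.
func newApp() http.Handler {
	mux := http.NewServeMux()
	mux.HandleFunc("/boom", func(w http.ResponseWriter, r *http.Request) {
		panic("constructed failure") // hypothetical handler bug
	})
	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		w.Write([]byte("ok\n"))
	})
	return recoverPanic(secureHeaders(mux))
}

func main() {
	log.Fatal(http.ListenAndServe("127.0.0.1:4000", newApp()))
}
```

If `recoverPanic` were placed inside `secureHeaders` instead, a panic in `secureHeaders` itself would go unrecovered, which is the ordering problem the Middleware note describes.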

Form Validation

We never want to insert data into our database that has not been validated first, both for security reasons and to keep out malformed data.

Ch 9: Session Management

I wish this part would explain why we would need session management and give use cases for real-world applications. It goes through implementation but without much of an explanation of how it works behind the scenes. This is probably a chapter where you would want to do some further reading about cookies and different types of session management.

One thing I would change in this book

Move away from using the command line to create tables on your database. I know that if he were to dive deep into database management, it could be another whole book. I think at the very least, indicate that this shouldn’t be the way you should be handling your database and to list a few resources.
