Hello. I’ve been trying to get up and running with node.js so i can finish this book “The definitive guide to HTML5”
Firstly, I’ve spent the last 2 hours just trying set up a functioning node.js environment on my machine (Windows 7 64 bit). My problem is I believe i can get it installed but none of the tutorials I’ve looked at explain whats going on at all. So if your system isn’t set up exactly like there’s you won’t know what to change… Example
The go the command prompt and start typing in commands to run the installer, then they switch to diff directory and start typing in node commands and as far as I’m concerned they “Magically” just work.
Where does node install to? Does it matter? It doesn’t give any options or indication when it installs it just installs and that’s it.
What directory do I need to be in in order to input something like “node --version” or “node example.js”
Where do i store my node js files… and what exactly makes up this server environment.
I’m not used to command line… I hardly ever need to use it and I don’t like it so maybe this is why I’m struggling. If someone could help em out it would be greatly appreciated.
it doesn’t matter where I’ve installed the program. I can just hit right click and run the .js file with ‘Evented I/0 for V8 JavaScript’ and it works… well it’s worked so far with the ‘hello world’ program…
My question now is if I can run this script from anywhere, then where are the boundaries to what is the “server” and what isn’t… From what I can see I can write js code to go anywhere on my computers filesystem that I want… so is what is included as part of the server determined by how far reaching my .js file is? and if so isn’t it easy to write non secure code if this .js file can potentially touch everything on the filesystem??
Any clarification in the simplest terms will be appreciated.
The trick is in most cases you wont be sitting at the server console right clicking things to run. Rather it will be requested remotely over http. So that security issue doesn’t apply. Though some more entertaining ones do.
I get that it fields incoming http request. But because it is being processed with JavaScript and the the programs you can write are so simple, how is it not SUPER easy for someone to “inject” JavaScript and just dominate your “server” application.
But anyway. My real question is what is the key to running these scripts from the command line window… I can’t seem to get my .js files to work this way.
Remote code injection is amongst the “more entertaining” scenarios which I was writing. Never, ever trust user input.
Probably the issue is node.exe (or whatever they call it, haven’t tried it on windows) is not in the PATH so you can’t type “node somefile.js” at a command prompt as it can’t find node. The way to fix this is to add it to the path, or to figure out where it is and call node.exe directly – “c:
ode
ode.exe somefile.js”.
alright, that was exactly the issue. Thanks for guidance.
I found a article that helped with the path thing (http://www.hacksparrow.com/install-node-js-and-npm-on-windows.html). My inexperience with the cmd line was what was mostly holding me back as many of the tuts are by people who already have it installed and skip important steps like setting paths that they’ve already had set and other cmd centric practices that many new devs probably won’t have much practice in.