Questions[javascript](server)

I mean pure javascript client that uses HTML5 sockets and doesn't need to be installed, just open single js file in browser. Is it possible to write such client at all?

I am trying to configure a Nginx server to connect to a Node.js HTTP server via a UNIX domain socket.

The Nginx configuration file:

server {
  listen 80;

  location / {
    proxy_pass http://unix:/tmp/app.socket:/;
  }
}

(according to http://wiki.nginx.org/HttpProxyModule#proxy_pass)

The Node.js script:

var http = require('http');

http.createServer(function(req, res) {
  console.log('received request');
  req.end('received request\n');
}).listen('/tmp/app.socket');

Now, when I try to call

curl http://localhost/

I only get the 502 Bad Gateway error page in curl and nothing on the Node.js process.

Am I doing something wrong?

edit:

After trying quanta's solution, the mistake must have to do with the Nginx configuration, since the Node.js process establishes the connection to the socket correctly.

I also tried to configure Nginx this way:

upstream myapp {
  server unix:/tmp/app.socket;
}

server {
  listen 80;

  location / {
    proxy_pass http://myapp;
  }
}

But this didn't work either.

BTW I'm using Nginx v1.0.6.

The following is being written to the error log in Nginx, when I use the second configuration

2011/09/28 13:33:47 [crit] 1849#0: *5 connect() to unix:/tmp/app.socket failed  (13: Permission denied) while connecting to upstream, client: 127.0.0.1,        server: , request: "GET / HTTP/1.1", upstream: "http://unix:/tmp/app.socket:/", host: "localhost:80"

Our development team has been considering using Node.js for a new enterprise application that requires high-level security. The users include federal police, so there's a high chance that we'll eventually be audited for security.

• Given that Node.js is relatively new, does it still have security issues that need to be addressed?
• Does anyone have any development experience with Node.js and any insight into potential attacks using its structure?

I appreciate the help.

Edit: some users on StackOverflow have suggested using a reverse proxy, but I'm curious if anyone has more suggestions.

What criteria would I use to choose a server to run Node.js?

It seems like shared-hosting is a nonstarter since it's so new. Given how it works, what would I be looking at in terms of a production machine? Assume initially I'm on a limited (~no more than US$5 to US$25 per month) budget.

I am in the process of releasing a couple of asp.net websites from development to production. Everything seems to be working fine in development, but upon the release to production we get a number of javascript errors when accessing the site. This appears to be something on the server though as this same code has been deployed to a testing server and works fine with the same clients. The server is a Windows 2008 using IIS7

Errors being thrown:

An number of syntax errors (scriptResource) - 10 of these

Error: syntax error
Source File: http://website.com/ScriptResource.axd?d=abc032_vah79hasdf87&t=123456789
Line: 3
Source Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 

Error the same as above but with WebResource.axd instead of ScriptResource.axd - 2 of these

and then two that seem to be the real cause?

Sys is not defined

and

WebForm_AutoFocus is not defined

----------------- Addendum --------------------

As per suggestions I looked into the ScriptResource.axd and WebResource.axd

The web application being deployed has forms authentication and re-directs to the login page if any page is referenced other than the login page. It appears that this is happening with the ScriptResource.axd and WebResource.axd (i.e. login page tries to reference those items, redirection happens so they don't get the javascript back, errors are thrown)

To that end I added "location" tags to the web.config to try and allow all users through to those items, so the login page would work (see relevant web.config sections below)

<system.web>
   <authentication mode="Forms">
      <forms loginUrl="login.aspx" defaultUrl="home.aspx"/>
   </authentication>
   <authorization>
      <deny users="?"/>
      <allow users="*"/>
   </authorization>
   ...
</system.web>
<location path="ScriptResource.axd">
  <system.web>
    <authorization>
      <allow users="*"/>
      <!-- allow all users -->
    </authorization>
  </system.web>
</location>
<location path="WebResource.axd">
  <system.web>
    <authorization>
      <allow users="*"/>
      <!-- allow all users -->
    </authorization>
  </system.web>
</location>

This unfortunatly has not solved the problem either. Is there some setting/configuration option that stops the location tag from working? We've added the same tags for pages in the application (to test) and it works on the developers machine, but not the server. It looks like if we could just get these location tags working on the server everything would work, any suggestions?