CS571 Summer 2021: Web Technologies Exam 2 PDF

Quiz Submissions - CS571 Summer 2021: Web Technologies Exam 2 Tanvi Gajanan Kale (username: [email protected]) Attempt 1 Written: Jun 28, 2021 6:00 PM - Jun 28, 2021 6:40 PM Submission View Released: Jun 29, 2021 8:00 AM Cookies and Privacy Questions Question 1 2 / 2 points [2 points] Which of the following are ways to opt out of cookies? Select “do not track” in browser Check account preferences on registration sites Use cookie management tools in browser View current cookies and delete what you do not need Upload opt-out cookies Question 2 1.2 / 2 points [2 points] Select all ways to "opt out" of cookies. Select all that apply. Use cookie management tool in browser Install browser extensions Download opt-out cookie Change account Preferences on registration sites Select "do not track" in browser Question 3 2 / 2 points [2 points] What are the parties involved in Web advertising? Select all that apply. Advertisers Third-parties Website owners Website visitors Ad network Web Security Questions Question 4 2 / 2 points [2 points] Which of the following are client-side attacks? Select all that apply. Insufficient Authentication Clickjacking Cross-Site Request Forgery (CSRF) Browser and Plugin vulnerability Cross-site scripting Question 5 1.6 / 2 points [2 points] Which of the following are authentication attacks? Content Spoofing Cross-Site Request Forgery (CSRF) Weak Password Recovery Validation Insufficient Authentication Brute Force Attacks Question 6 1.2 / 2 points [2 points] What are the most recommended ways to generate strong passwords? Select all that apply. Use passwords with low entropy Use a combinations of 8 or more letters, digits and special characters Use diceware generated passwords Use a very large number of characters Use passwords that satisfy Microsoft Active Directory settings REST Questions Question 7 1.6 / 2 points [2 points] For REST Web Services, what of the following statements are true? Select all that apply. POST requests can also be used for read-only queries GET requests should be used for read-only queries Use of query strings should be maximized REST protocol includes handling encryption POST requests should be used for creating data High-Performance Websites Questions Question 8 1.2 / 2 points [2 points] Select all conditions where a “cached object” is fresh. It has expire header with time set in the future If browser cache has seen the object recently, and has been set to check once per session A proxy cache has seen the object recently, and it was modified long ago Current age is greater than age value given in cache-control header The origin server is asked to validate the object Question 9 0.8 / 2 points [2 points] Select the types of files should be compressed to improve web site performance. Select all that apply. XML files Text files Minified JavaScript files JSONP files JPG files HTML5 Questions Question 10 1.2 / 2 points [2 points] Which of these are the 2 most popular HTML5 video codecs? Select only 2. VP9 Theora H.264 Audio Video Interleave (AVI) Ogg Question 11 1.6 / 2 points [2 points] Which of the following are new features in HTML5. Select all that apply. Canvas Network-based storage Local SQL database Offline web applications Web Forms improvements Question 12 1.2 / 2 points [2 points] Select capabilities included in HTML5. Select all that apply. Interactive canvas gradient Editable content Drag files from Desktop into HTML5 window Storage Drag and Drop API Ajax Questions Question 13 2 / 2 points [2 points] The fetch() API includes an option that can be set to any of the REST HTTP Methods. True False Question 14 2 / 2 points [2 points] The XMLHttpRequest object can be used to upload a file. True False Question 15 2 / 2 points [2 points] Synchronous XMLHttpRequest() has been deprecated. True False Question 16 2 / 2 points [2 points] The web browser displays a visual progress indicator while the XMLHttpRequest is being processed. True False Question 17 2 / 2 points [2 points] Select all valid XMLHttpRequest() Object properties. Select all that apply. onReadyState status readyStateChange Question 18 1.333 / 2 points [2 points] Consider the following object: var xhr = new XMLHttpRequest(); Which values should be checked in the callback? Select all that apply. xhr.readyState is 4 xhr.status is 404 xhr.statusText is OK Question 19 2 / 2 points [2 points] Which JavaScript method is used primarily with JSON? eval() run() exec() Question 20 1.5 / 2 points [2 points] Of the URLs below, select only the ones that have the same origin as http://www.ajaxbook.com? http://carsearch.ajaxbook.com https://www.ajaxbook.com http://www.ajaxbook.com:443 http://www.ajaxbook.com/ajax Question 21 2 / 2 points [2 points] Which of the URLs below have the same "origin" as https://mobile.ibm.com? Select all that apply. http://mobile.ibm.com https://mobile.ibm.com/top.html https://mobile.ibm.net Question 22 1 / 2 points [2 points] Consider the following code snippet: j = eval("(" + text + ")"); Select all answers that are TRUE for such code. It is part of JSON.parse() It is very unsafe JQuery Questions Question 23 2 / 2 points [2 points] What type of selector is the name="value" selector, as in the following example: $("input[value='Hot Fuzz'] ").text( "Hot Fuzz" ) ; Attribute Contains selector Attribute Text selector Attribute Equals selector Question 24 2 / 2 points [2 points] What type of selector is the ‘:contains()’ selector, as in the following example: $( "div:contains('John')" ).css( "text-decoration", "underline" ); Select one correct answer. Child Contains category Child Filter category Content Filter category Question 25 2 / 2 points [2 points] What is the jQuery code that corresponds to the following DOM code? mybutton = document.getElementById("mybutton"); $(".myButton"); jQuery("#myButton"); Question 26 2 / 2 points [2 points] What type of selector is the ‘header’ selector, as in the following example: $(":header").css({ background: "#ccc", color: "blue" }); Basic selector Basic Filter selector Basic Color selector Question 27 2 / 2 points [2 points] What type of selector is the ‘contains’ selector, as in the following example: $("div:contains('John')" ).css( "text-decoration", "underline" ); Basic Filter selector Content Filter selector Basic Text selector Question 28 2 / 2 points [2 points] Which of the following objects are abstracted by jQuery? Select all that apply. JSON DOM XMLHttpRequest Question 29 0 / 2 points [2 points] jQuery has fairly complex ajax support functions. True False Responsive Website Design (RWD) Questions Question 30 1 / 2 points [2 points] What are properties of fluid grids? Select all that apply. Defined using relative dimensions Define grids based on number of rows and columns Have to adjust width manually for certain devices Elements will adjust their widths and heights by the specified proportions to their parent container Question 31 1 / 2 points [2 points] Select valid reasons why hosting a.mobi website is not recommended. Select all that apply. It hinders search engines Requires duplication of content Question 32 1 / 2 points [2 points] Consider the following media queries: What different device sizes they fail to support? Select all that apply. Devices with large screens Devices with small screens Question 33 1 / 2 points [2 points] Select all the reasons why hosting a separate mobile.mysite.com website is not recommended. Select all that apply. Sharing mobile site will not work for all users Site will work only with a large variety of devices. mobi TLD is not widely used Redirects have high overhead Question 34 1 / 2 points [2 points] Select all the reasons why hosting a separate.mobi website is not recommended. Select all that apply. Results in content synchronization issues Will work on multiple device sizes Nobody is using.mobi TLDs Redirect take time Frameworks Questions Question 35 2 / 2 points [2 points] Select which of the following is NOT true of NodeJS. handles networking uses blocking I/O model is event driven Question 36 1.333 / 2 points [2 points] Which of the following are TRUE of Node.js? Select all that apply. Provides POSIX functions for File I/O Is bundled with 'npm' Includes modules that handle IP Question 37 1 / 2 points [2 points] Select which of the following are TRUE of TypeScript. Select all that apply. A Semantic superset of JavaScript Can seamlessly consume JavaScript Question 38 2 / 2 points [2 points] Select which JavaScript Framework(s) provides two-way Service/Component architecture? React Angular Question 39 1.333 / 2 points [2 points] Which of the following are TRUE of TypeScript? Select all that apply. Supports Optionals Includes support for classes and modules Supports MVC Serverless Questions Question 40 2 / 2 points [2 points] Select all features of a container. Select all that apply. portable requires a VM made mainstream by Docker Question 41 2 / 2 points [2 points] Select which of the following is true of AWS Lambda? Select all that apply. Functions are unit of deployment Can be triggered by HTTP only Adapts to rates of incoming requests Question 42 2 / 2 points [2 points] Which of the following are properties of a container like Docker? Select all that apply. Container images can be shared Containers on same host share single Linus kernel Not portable Question 43 1 / 2 points [2 points] Select which of the following are TRUE of Serverless Architectures. Select all that apply. Provide authorization and authentication services Execution environment provided by service No compute resource to manage Provisioning and scaling handled by the client 1St Half Course Questions Question 44 2 / 2 points [2 Points] Which of the following are valid values of the Accept-Encoding header? Select all that apply. compress br Question 45 0 / 2 points [2 Points] Consider the following program: alert( "123".match( /\d/g )) What is displayed by the alert? 1 1,2,3 Question 46 0 / 2 points [2 Points] The tag "src" attribute, referring to a JSON or JavaScript program, has cross-domain restrictions of the JavaScript sandbox. a) True b) False View Feedback Question 47 2 / 2 points [2 Points] Consider the following example from w3schools.com. Try it function myFunction() { var x = document.images.length; document.getElementById("demo").innerHTML = x; } What happens when one clicks the “Try it” button? klematis.jps is displayed The number 2 is displayed below the "Try it" button The number 3 is displayed below the "Try it" button Question 48 1.333 / 2 points [2 Points] In HTML, what character sets support multi-lingual environments? Select all that apply. UTF-8 ISO-8859 UTF-16 Question 49 2 / 2 points [2 Points] Consider the following CSS..showNav ul li a:hover{color:#202022;} And the following HTML snippet. Which of these examples to replace will trigger the CSS? some navigation Some navigation Question 50 2 / 2 points [2 Points] Consider the following Python code: >>> cubes = [1, 8, 27, 65, 125] >>> 4 ** 3 64 >>> cubes = 64 >>> cubes What gets printed? [1, 8, 27, 64, 65, 125] [1, 8, 64, 65, 125] [1, 8, 27, 64, 125] Attempt Score:76.43 / 100 - 76.43 % Overall Grade (highest attempt):76.43 / 100 - 76.43 % 12/2/21, 12:54 AM : Quiz Submissions - CS571 Fall 2020: Web Technologies Exam 2 - CSCI571 - 20203 - Web Technologies - USC Viterbi School of Engineering Quiz Submissions - CS571 Fall 2020: Web Technologies Exam 2 Pratusha Singh (username: [email protected]) Attempt 1 Written: Nov 24, 2020 6:01 PM - Nov 24, 2020 6:42 PM Submission View Your quiz has been submitted successfully. Cookies and Privacy Questions [10 pts] Questions are worth 5 points each. Question 2 3 / 5 points Select all true properties of cookies. Select all that apply. Secure cookies are erased when the user closes the browser Http Only cookies are invisible to JavaScript Cookies can store any information you provide to a site Persistent cookies may not be deleted Cookies can track your IP address Web Security Questions [10 pts] Each question is worth 5 points. Question 3 4 / 5 points What are common ways that websites get infected? Back-end virtual hosting companies attacks Social networks Cross-site Spoofing SQL Injection attacks XSP Scripting attacks REST Questions [5 pts] https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=20583&ai=82882&isInPopup=0&cfql=0&fromQB=0&fromSubmissions… 1/5 12/2/21, 12:54 AM : Quiz Submissions - CS571 Fall 2020: Web Technologies Exam 2 - CSCI571 - 20203 - Web Technologies - USC Viterbi School of Engineering Each question is worth 5 points. Question 5 4 / 5 points For REST Web Services, select the statements that are true. REST services are based on HTTP/HTTPS REST services do not offer security REST services are language dependent REST services are a W3C recommendation REST services are platform independent High-Performance Websites Questions [5 pts] Each question is worth 5 points. Question 6 4 / 5 points Which of the following are rules to improve Web site performance? Select all that apply. Use cookie-free domains Run Google PageSpeed Insights Reduce number of DOM elements Use newer versions of image standards Use POST for Ajax requests Secure Web Communication Questions [5 pts] Question 7 2 / 5 points What are the roles of a Certificate Authority (CA)? Select all that apply. Sign certificates with CA's public key Pre-configure browser trust roots Be trusted by all parties Guarantee an organization is legitimate Issue Digital certificates for Intermediate CAs HTML5 Questions [10 pts] https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=20583&ai=82882&isInPopup=0&cfql=0&fromQB=0&fromSubmissions… 2/5 12/2/21, 12:54 AM : Quiz Submissions - CS571 Fall 2020: Web Technologies Exam 2 - CSCI571 - 20203 - Web Technologies - USC Viterbi School of Engineering Each question is worth 5 points. Ajax Questions [15 pts] Each question is worth the listed points. Question 13 0 / 1 point [1 point] Updates to the XMLHttpRequest() specification are being managed by the World Wide Web Consortium (W3C). True False JQuery Questions [10 pts] Each question is worth the points listed. Question 18 0 / 1 point [1 point] Consider the following CSS, jQuery and HTML. Will "Text 2" be changed by the jQuery code, underlined and with green dotted border? attributeContainsPrefix demo a{ display: inline-block; } Text 1 Text 2 Text 3 $( "a[hreflang|='en']" ).css( "border", "3px dotted green" ); True False Question 19 2 / 3 points https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=20583&ai=82882&isInPopup=0&cfql=0&fromQB=0&fromSubmissions… 3/5 12/2/21, 12:54 AM : Quiz Submissions - CS571 Fall 2020: Web Technologies Exam 2 - CSCI571 - 20203 - Web Technologies - USC Viterbi School of Engineering [3 points] Which of the following selectors are part of the Basic Filter selectors category? Check all that apply. :multiple selector :first :header selector Responsive Website Design (RWD) Questions [10 pts] Each question is worth the points listed. Question 22 2 / 4 points [4 points] What are properties of the Responsive Web Design (RWD) approach? Select all that apply. Easy reading with a minimum of scrolling Adapts to viewing environment Uses CSS3 media queries, adaptive grids and flexible images No panning if possible, unless required by the application View Feedback Frameworks Questions [10 pts] Each question is worth the points listed. Question 25 2 / 3 points [3 points] Select which of the following are TRUE of Angular (version 8+). Select all that apply. Depends on TypeScript, RxJS and Node Includes a reactive programming library for JavaScript Supports FilterPipe and OrderByPipe Question 27 2 / 4 points [4 points] Which of the following are TRUE of Node.js? Select all that apply. Maintains several connections per server to make HTTP requests Core modules include networking and a fetch() compatible API https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=20583&ai=82882&isInPopup=0&cfql=0&fromQB=0&fromSubmissions… 4/5 12/2/21, 12:54 AM : Quiz Submissions - CS571 Fall 2020: Web Technologies Exam 2 - CSCI571 - 20203 - Web Technologies - USC Viterbi School of Engineering Includes built-in CORS support Includes both synchronous and asynchronous file I/O support Serverless Questions [10 pts] Each question is worth the points listed. Question 28 2 / 3 points [3 points] Which of the following are TRUE of AWS Lambda? Select all that apply. Functions and classes are unit of deployment Cost of idle time is small Functions can be triggered by events Attempt Score:83 / 100 - 83 % Overall Grade (highest attempt):83 / 100 - 83 % Done https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=20583&ai=82882&isInPopup=0&cfql=0&fromQB=0&fromSubmissions… 5/5 12/1/21, 5:38 PM : Quiz Submissions - CS571 Summer 2021: Web Technologies Exam 2 - CSCI571 - 20212 - Web Technologies - USC Viterbi School of Engineering Quiz Submissions - CS571 Summer 2021: Web Technologies Exam 2 Aayush Khator (username: [email protected]) Attempt 1 Written: Jun 28, 2021 6:00 PM - Jun 28, 2021 6:39 PM Submission View Released: Jun 29, 2021 8:00 AM Cookies and Privacy Questions Question 1 1.2 / 2 points [2 points] Cookies include a number of components, some required, some optional. Select only the required components: Domain Secure flag HttpOnly flag Name / value pair Expiration date Question 2 2 / 2 points [2 points] Select all true properties of cookies. Select all that apply. Cookies can track your IP address https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=25247&ai=101467&isInPopup=0&cfql=0&fromQB=0&fromSubmissionsList=1&ou=20978 1/22 12/1/21, 5:38 PM : Quiz Submissions - CS571 Summer 2021: Web Technologies Exam 2 - CSCI571 - 20212 - Web Technologies - USC Viterbi School of Engineering Http Only cookies are invisible to JavaScript Persistent cookies may not be deleted Cookies can store any information you provide to a site Secure cookies are erased when the user closes the browser Question 3 1.2 / 2 points [2 points] Select all ways to "opt out" of cookies. Select all that apply. Install browser extensions Use cookie management tool in browser Download opt-out cookie Select "do not track" in browser Change account Preferences on registration sites Web Security Questions Question 4 1.6 / 2 points [2 points] What are the most recommended ways to generate strong passwords? Select all that apply. Use a very large number of characters Use diceware generated passwords https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=25247&ai=101467&isInPopup=0&cfql=0&fromQB=0&fromSubmissionsList=1&ou=20978 2/22 12/1/21, 5:38 PM : Quiz Submissions - CS571 Summer 2021: Web Technologies Exam 2 - CSCI571 - 20212 - Web Technologies - USC Viterbi School of Engineering Use passwords that satisfy Microsoft Active Directory settings Use passwords with low entropy Use a combinations of 8 or more letters, digits and special characters Question 5 1.6 / 2 points [2 points] Which of the following are Injection Attacks? Cross Site Request Forgery (CSRF) Search Worms Content Spoofing SQL Injection DDoS attack Question 6 1.6 / 2 points [2 points] Which types of hacks can cause damage on the client side? Select all that apply. Install malicious software Denial of Service Deface pages, altering content Stealing cookies Log user keystrokes REST Questions https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=25247&ai=101467&isInPopup=0&cfql=0&fromQB=0&fromSubmissionsList=1&ou=20978 3/22 12/1/21, 5:38 PM : Quiz Submissions - CS571 Summer 2021: Web Technologies Exam 2 - CSCI571 - 20212 - Web Technologies - USC Viterbi School of Engineering Question 7 1.6 / 2 points [2 points] For REST Web Services, select the statements that are true. Select all that apply. REST services are language dependent REST services do not offer security REST services are platform independent REST services can use HTTPS REST services are a W3C recommendation High-Performance Websites Questions Question 8 1.6 / 2 points [2 points] Which of the following are ways to reduce the number of HTTP requests? Select all that apply. Combine Style Sheets Combine cookies Combine scripts Split images Use Image Maps Question 9 1.2 / 2 points [2 points] Which of the following are rules to improve Web site performance? Select all that apply. Reduce number of DOM elements https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=25247&ai=101467&isInPopup=0&cfql=0&fromQB=0&fromSubmissionsList=1&ou=20978 4/22 12/1/21, 5:38 PM : Quiz Submissions - CS571 Summer 2021: Web Technologies Exam 2 - CSCI571 - 20212 - Web Technologies - USC Viterbi School of Engineering Use newer versions of image standards Use POST for Ajax requests Run Google PageSpeed Insights Use cookie-free domains HTML5 Questions Question 10 2 / 2 points [2 points] Which of the following are removed elements in HTML5? Select all that apply. center footer font frameset embed Question 11 1.6 / 2 points [2 points] Which of these are the 2 most popular HTML5 video codecs? Select only 2. VP9 Theora Ogg H.264 https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=25247&ai=101467&isInPopup=0&cfql=0&fromQB=0&fromSubmissionsList=1&ou=20978 5/22 12/1/21, 5:38 PM : Quiz Submissions - CS571 Summer 2021: Web Technologies Exam 2 - CSCI571 - 20212 - Web Technologies - USC Viterbi School of Engineering Audio Video Interleave (AVI) Question 12 2 / 2 points [2 points] Which of the following attributes are not supported in HTML5? Select all that apply. colspan bgcolor align controls border Ajax Questions Question 13 2 / 2 points [2 points] The fetch() API can receive cross-site cookies. True False Question 14 0 / 2 points [2 points] Creating an instance of the XMLHttpRequest object is the same in all latest browser. True False https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=25247&ai=101467&isInPopup=0&cfql=0&fromQB=0&fromSubmissionsList=1&ou=20978 6/22 12/1/21, 5:38 PM : Quiz Submissions - CS571 Summer 2021: Web Technologies Exam 2 - CSCI571 - 20212 - Web Technologies - USC Viterbi School of Engineering Question 15 2 / 2 points [2 points] CORS and server proxy are good ways to avoid cross-domain browser restrictions. True False Question 16 2 / 2 points [2 points] The web browser displays a visual progress indicator while the XMLHttpRequest is being processed. True False Question 17 2 / 2 points [2 points] Consider the following code snippet: j = eval("(" + text + ")"); Select all answers that are TRUE for such code. It is part of JSON.parse() It is very unsafe Question 18 2 / 2 points [2 points] Select all valid XMLHttpRequest() Object properties. Select all that apply. onReadyState readyStateChange status https://courses.uscden.net/d2l/lms/quizzing/user/quiz_submissions_attempt.d2l?isprv=&qi=25247&ai=101467&isInPopup=0&cfql=0&fromQB=0&fromSubmissionsList=1&ou=20978 7/22 12/1/21, 5:38 PM : Quiz Submissions - CS571 Summer 2021: Web Technologies Exam 2 - CSCI571 - 20212 - Web Technologies - USC Viterbi School of Engineering Question 19 2 / 2 points [2 points] Of the URLs below, select only the ones that have the same origin as http://www.ajaxbook.com? http://www.ajaxbook.com:443 https://www.ajaxbook.com http://carsearch.ajaxbook.com http://www.ajaxbook.com/ajax Question 20 2 / 2 points [2 points] Consider the following code from one of the Ajax example shown in class: My Third Ajax Script And this JavaScript: window.onload = initAll; var xhr = false; function initAll() { same as previously except it calls getPix } function getPix() { xhr.open("GET", "flickrfeed.xml", true); xhr.onreadystatechange = XXXXX1; xhr.send(null);setTimeout("getPix()",5 * 1000); } function showPictures() { var tempDiv = document.createElement("div"); var tempDiv2 = document.createElement("div"); if (xhr.readyState == 4) { if (xhr.status == 200) { tempDiv.XXXXX2 = xhr.responseText; var allLinks = tempDiv.getElementsByTagName("a"); for (var i=1; i 5) count = 5; for(int i = 0; i < count ; i++) { Element individualResult = (Element)resultList.get(i); cover[i] = individualResult.getAttribute("cover").getValue(); title[i] = individualResult.getAttribute("title").getValue(); year[i] = individualResult.getAttribute("year").getValue(); director[i] = individualResult.getAttribute("director").getValue(); rating[i] = individualResult.getAttribute("rating").getValue(); 6 details[i] = individualResult.getAttribute("details").getValue(); } String parsedString = "{\n"+"\"results\":{\n"; parsedString += "\"result\":[\n"; int i; for(i=0;i frys Home Depot homedepot 6 5 Fry's Palo Alto Palo Alto Store 340 Portage Ave Palo Alto, CA frys Fry’s Online Shop HomeDepot Campbell Campbell Store 480 E Hamilton Ave Cambell, CA homedepot Complete the XML Schema that corresponds to the above description and sample. Fill in the missing parts. 7 0) { } } } JavaScript and Ajax Questions [10 pts] 11 Below is the HTML source code that produces the web page above. My Second Ajax Script Below is the JavaScript source code, script02.js, that was imported into the HTML above, but some of the lines are missing, replaced by XXXXXXXs. Fill in the missing. 12 window.onload = initAll; var xhr = false; function initAll() { if (window.XMLHttpRequest) { xhr = new XMLHttpRequest(); } else { if (window.ActiveXObject) { try { xhr = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { } } } if (xhr) { xhr.onreadystatechange = showPictures; xhr.open("GET", "flickrfeed.xml", XXXXXXXX1); xhr.send(null); } else { alert("Sorry, but I couldn't create an XMLHttpRequest"); } } function showPictures() { var tempDiv = document. XXXXXXXX2; var pageDiv = document.getElementById("XXXXXXXX3"); if (xhr.readyState == 4) { if (xhr.status == 200) { XXXXXXXX4 = xhr.responseText; var allLinks = tempDiv.getElementsByTagName("a"); for (var i=1; i Oregano's Wood-Fired Pizza 8 4546 El Camino Real, #A6 Los Altos CA (650) 941-3600 37.401434 -122.114407 4.5 11 11 1326963606 This place is great. 1.19 http://local.yahoo.com/info-21300761- oregano-s-woodfired-pizza-los-altos When the “output=json”, a JSON response is returned. Please fill in the missing code: {"ResultSet": {"Result": {"id":"21300761", "Title":"Oregano's Wood-Fired Pizza", "Address":"4546 El Camino Real, #A6", "City":"Los Altos", "State":"CA", "Phone":"(650) 941-3600", "Latitude":"37.401434", "Longitude":"-122.114407", "Rating": {"AverageRating":"4.5", "TotalRatings":"11", "TotalReviews":"11", "LastReviewDate":"1326963606", "LastReviewIntro":"This place is great."}, "Distance":"1.19", "Url":"http:\/\/local.yahoo.com\/info-21300761- oregano-s-woodfired-pizza-los-altos", } } } Grading Guidelines: There are 15 properties so give 1 point for each property. Writing the opening and the closing parenthesis of the Rating object weighs 5 points. 9 JQuery Questions [10 pts] Q1 (2 pts): What is the JavaScript object added by jQuery? A1: JQuery or $ Q2 (2 pts): What commonly used JavaScript objects are abstracted by jQuery? A2: [ ] DOM [ ] XMLHttpRequest [ ] JSON [X] ALL OF THE ABOVE Q3 (6 pts): [This question is worth 6 points] Consider the following example without JQuery: A3: Rewrite it using JQuery. Grading Guidelines: Writing $('#counter1') twice à 2 points o If a student forget writing $ or # deduct 1 point Writing.css twice à 2 points The CSS properties and its values à 2 points 10 If any student came with different solution might be correct please spread the solution to the other graders to take a decision Responsive Website Design Questions [20 pts] Each question is worth 4 points. Q1: A site designed with RWD adapts the layout to the viewing environment by using 3 things. What are they? A1: (1) fluid, proportion based GRIDS (2) flexible images (3) CSS3 media queries Q2: List 3 “usability” guidelines for Websites on mobile devices? A2: (1) (2) (3) Any 3 of: (1) reduce amount of content, (2) use single columns, (3) change navigation, (4) minimize text entry, (5) design for touchscreens, (6) take advantage of built-in functionality (e.g. maps Apps) Q3: What is the main difference between “adaptive” and “fluid” grids? A3: In fluid grids we define relative-based dimensions; in adaptive grids we define pixel-based dimensions. Q4: In RWD, how do you avoid having an image deformed due to screen size? A4: Set CSS max-width property to 100%, as in img { max-width: 100%; } Q5: Bootstrap comes with 3 components, each store in its own folder. What are these components? A5: JavaScript, CSS and fonts 11 Computer Science 571 2nd Exam Prof. Horowitz Thursday, April 24, 2014, 9:30am – 10:45am Name: Student ID Number: 1. This is a closed book exam. 2. Please answer all questions on the test jQuery [20 pts] Javascript + Ajax [25 pts] Regular Expressions [10 pts] Tomcat [15 pts] Java Servlets [10 pts] Miscellaneous [20 pts] jQuery [20 pts] Above is a snapshot of a menu produced using the jQuery library menu widget. Below is the code that produces the above menu. Answer the questions below. 1 jQuery UI Menu $(function() { $( "#menu" ).menu(); });.ui-menu { width: 150px; } Aberdeen Ada Adamsville Addyston Delphi Ada Saarland Salzburg Saarland Salzburg Delphi AdaSaarland Salzburg Delphi AdaSaarland Salzburg Perch Amesville 1. [4 pts] Assuming the initial menu (Ada, Adamsville,... ) in the picture above is at level 1, how deep does the menu go, meaning what is the maximum level? Answer: level = 3 2 2. [4 pts] Describe what occurs when a user’s cursor hovers over Ada and then clicks on Ada. Answer: The anchor will be seen as live and should produce a hand pointer on hover and clicking will take the user back to the same page. 3. [4 pts] Is #menu a class attribute or an id attribute? Answer: an id attribute 4. [4 pts] What is the purpose of ui-state-disabled? Answer: It causes the menu item to be grayed out 5. [4 pts] Copy over the line that uses the jQuery menu widget. Answer: $(“#menu”).menu(); JavaScript + Ajax [25 pts] Above is a snapshot of a web page and below the corresponding source code. Some of the code is missing. Fill in the missing elements. Simple Ajax Example function xmlhttpPost(strURL) { var xmlHttpReq = false; var self = this; // Mozilla/Safari if (window.XMLHttpRequest) { self.xmlHttpReq = new XMLHttpRequest(); 3 } // IE else if (window.ActiveXObject) { self.xmlHttpReq = new ActiveXObject("Microsoft.XMLHTTP"); } self.xmlHttpReq.open('POST', strURL, true); 6. [5 pts] self.xmlHttpReq.setRequestHeader('Content-Type', 'application/x- www-form-urlencoded'); self.xmlHttpReq.onreadystatechange = function() { if (self.xmlHttpReq.readyState == 4) { 7. [5 pts] updatepage(self.xmlHttpReq.responseText); } } self.xmlHttpReq.send(getquerystring()); } function getquerystring() { var form = document.forms['f1']; var word = form.word.value; 8. [5 pts] qstr = 'w=' + escape(word); 9. [5 pts] return qstr; } function updatepage(str){ document.getElementById("result").innerHTML = str; } word: 10. [5 pts] Regular Expressions [10 pts] 11. [1 pt each, 10 pts total] For each of the following php regular expression operators provide a one line description. Operator Description ^ The circumflex symbol marks the beginning of a pattern, $ the dollar sign marks the end of a search pattern. The period matches any single character ? It will match the preceding pattern zero or one times + It will match the preceding pattern one or more times * It will match the preceding pattern zero or more times 4 [] Matches any single character between the square brackets {min, max} It is used to match exact character counts \d Matches any single digit \D Matches any single non digit caharcter \w Matches any alpha numeric character including underscore (_) Tomcat Questions [15 pts] Assuming your Tomcat web server is stored at TOMCAT_DIRECTORY answer the following questions 12. [3 pts] : Where are your servlets stored? Answer: TOMCAT_DIRECTORY/webapps/Your_App_DIRECTORY/WEB-INF/classes 13. [3 pts]: Where is the JSON jar file stored? Answer: TOMCAT_DIRECTORY/ webapps/Your_App_DIRECTORY/WEB-INF/lib 14. [3 pts]: Where is the web.xml stored? Answer: TOMCAT_DIRECTORY/ webapps/Your_App_DIRECTORY/WEB-INF/web.xml 15. [3 pts]: Where are your html, js, and css files stored? Answer: TOMCAT_DIRECTORY/ webapps/Your_App_DIRECTORY/ 16. [3 pts]: Where can you find the servlet.jar file? Answer: TOMCAT_DIRECTORY/common/lib Java Servlet Questions[10 pts] 5 Above are two snapshots, The first shows the initial screen for a Java servlet that processes cookies, and the second snapshot shows the result after the submit button is clicked. Below is the source code for this cookie example. Fill in the missing code. import java.io.*; import javax.servlet.*; import javax.servlet.http.*; public class CookieExample extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); Cookie[] cookies = request.getCookies();> 17. [2 pts] for (int i = 0; i < cookies.length; i++) { Cookie c = cookies[i]; 18. [2 pts] String name = c.getName(); String value = c.getValue(); out.println(name + " = " + value); } String name = request.getParameter("cookieName"); 19. [2 pts] if (name != null && name.length() > 0) { String value = request.getParameter("cookieValue"); 20. [2 pts] 6 Cookie c = new Cookie(name, value); 21. [2 pts] response.addCookie(c); } } } Miscellaneous [20 pts] [10 pts] Below is a program that supports the switching of stylesheets in a web page. Some of the code is missing. Supply the missing code. Tove Jani Reminder Don't forget me this weekend! 9 [10 pts] Write an XML Schema that conforms to such document: 10 Computer Science 571 2nd Exam Prof. Papa Thursday, December 8, 2016, 6:00pm – 7:20pm Name: Student ID Number: 1. This is a closed book exam. 2. Please answer all questions on the test JSON Question [10 pts] The REST Flickr Service includes a “getRecent” API, flickr.photos.getRecent, which returns a list of the latest public photos uploaded to flickr. It is defined as follows: flickr.photos.getRecent Returns a list of the latest public photos uploaded to flickr. Authentication This method does not require authentication. Arguments api_key (Required) Your API application key. extras (Optional) A comma-delimited list of extra information to fetch for each returned record. Currently supported fields are: license, date_upload, date_taken, owner_name, icon_server, original_format, last_update, geo, tags, machine_tags, o_dims, views, media, path_alias, url_sq, url_t, url_s, url_m, url_o per_page (Optional) Number of photos to return per page. If this argument is omitted, it defaults to 100. The maximum allowed value is 500. page (Optional) The page of results to return. If this argument is omitted, it defaults to 1. A sample XML REST call is shown below: 1 http://api.flickr.com/services/rest/?method=flickr.photos.getRecent&api_key=62 6cf9c993df85b49d193b9645fd2c0d When the format is XML (the default), the following is an example of the data returned: When the “format=JSON”, a JSONP response is returned. A sample JSON REST call is shown below: A sample XML REST call is shown below: http://api.flickr.com/services/rest/?method=flickr.photos.getRecent&api_key=626cf9c993df85 b49d193b9645fd2c0d&format=json Please fill in the missing JSON code that duplicates the XML result above: jsonFlickrApi({"photos":{"page":1, "pages":100, "perpage":2, "total":200, "photo":[ {"id":"4144809437", "owner":"9755447@N04", "secret":"5d5e5c80e", "server":"2582", "farm":3, "title":"Big Spring Monument Talladega", "ispublic":1, "isfriend":0, "isfamily":0}, {"id":"4144809495", "owner":"40432260@N04", "secret":"2f3880845a", "server":"2689", "farm":3, "title":"IMG_1247", "ispublic":1, "isfriend":0, "isfamily":0} ] 2 }, "stat":"ok"}) Web Performance Questions [10 pts] List any 3 rules out of the 14 rules for faster Web pages from Steve Souders that help speed up delivery of HTML. Speed Up HTML (3 points): Gzip components Move scripts to the bottom Make CSS external Make JS external List 3 ways to reduce the number of HTTP requests. Reduce HTTP requests (3 points): Any 3 of: Combine JS Scripts Combine CSS style sheets Combine images into image maps Combine images into “sprites” List 4 headers that can help to improve caching. Improve Caching (4 points): Expires header Cache-Control header Last-Modified header Etag header JavaScript + AJAX Questions [10 pts] 3 Below is the source code that generated the web page above. There are two links on the page. The first one causes a text file to be displayed in the page beneath the links. The second link causes an XML file to be displayed in the same place. First Ajax Script Request a text file Request an XML file   Below is the JavaScript source that was imported into the HTML above, but some of the lines are missing, replaced by XXXXXXXs. Fill in the missing lines on the answer sheet. Each line is worth 1 point. window.onload = initAll; var xhr = false; function initAll() { document.getElementById("makeTextRequest").onclick = getNewFile; document.getElementById("makeXMLRequest").onclick = getNewFile;} function getNewFile() { makeRequest(this.href); return false;} function makeRequest(url) { if (window.XMLHttpRequest) { xhr = new XMLHttpRequest();} else { if (window.ActiveXObject) { 4 try { xhr = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { } } } if (xhr) { xhr.onreadystatechange = showContents; xhr.open("GET", url, true); xhr.send(null); } else { document.getElementById("updateArea").innerHTML = "Sorry, but I couldn't create an XMLHttpRequest"; } } function showContents() { if (xhr.readyState == 4) { if (xhr.status == 200) { var outMsg = ( xhr.responseXML && xhr.responseXML.contentType=="text/xml") ? xhr.responseXML.getElementsByTagName("choices").textContent : xhr.responseText; } else { var outMsg = "There was a problem with the request " + xhr.status; } document.getElementById("updateArea").innerHTML = outMsg; } } HTML5 Questions [10 pts] Each question is worth 2 points. Note that there is no partial credit for any of these questions. Q1: Name 4 types of video “containers”? A1: Any 4 of: MPEG4 (mp4 or m4v) Quicktime (.mov) Flash (.flv) Ogg (.ogv) WebM Audio Video Interleave (AVI) Q2: Which of the following are new in HTML5? [X] video and audio support [X] graphics support [X] local storage [ ] plugin support [X] session storage [ ] SQL support 5 [X] Geocoding support [X] Sectioning elements [X] Forms validation [X] CSS3 support [X] Offline Support [ ] ALL OF THE ABOVE Q3: What happened to the HTML 4.01 elements and in HTML5? A3: They have been moved to CSS Q4: Name 4 Audio Codecs A4: Any 4 from MP3, AAC, AAC+, VORBIS, FLAC, WAVE Q5: If you needed to make sure that your video files could be viewed on the large majority of desktop browsers and all mobile devices, what two (2) video containers would you pick? A5: MPEG4 and WebM Web Security Questions [10 pts] Each question is worth 2 points. Q1: What does the TOR network provide? A1: A protective layer between the user and the Internet, which 1) encrypts all information and 2) makes the user anonymous. Q2: What do PGP and S/MIME provide? A2: Data encryption technology for encrypting and signing e-mails Q3: What software library is vulnerable to the Heartbleed Bug? A3: OpenSSL Q4: What type of attack is Stuxnet? A4: a worm Q5: Name one of the most recommended way to generate strong passwords? A5: 6 Any one (1) of these: A) Using a very large number of characters B) Use Diceware generated passwords C) Use first letters of a very long phrase JQuery Questions [10 pts] Q1: This code is an example of what selector? var elementCount = $("*").css("border", "3px solid red" ).length; A1: The JQuery “All Selector” or “Basic All Selector” Q2: This code an example of what selector category? $("div:contains('John’)").css( "text-decoration", "underline" ); A2: A JQuery “Content Filter” Q3: [This question is worth 6 points] Consider the following example without JQuery: function handleAllTags() { var arrayOfDocFonts; if (document.all || document.getElementById) { arrayOfDocFonts = document.getElementsByTagName("font"); } else { document.write("Unrecognized Browser Detected"); } alert("Number of font tags in this document are " + arrayOfDocFonts.length + "."); } A3: Rewrite it using JQuery. $(function() { // when document is ready // when countTags is clicked, $("#countTags").click(function() { // alert the number of font tags in the HTML alert("Number of font tags in this document are " + $("font").length + "."); }); }); JavaScript Frameworks Questions [10 pts] Q1: Name a JavaScript runtime, built on Chrome V8 and that uses an event-driven, non- blocking I/O model? 7 A1: Node.js Q2: Complete the missing code in the Angular instantiation below: var app = angular.module(“myApp", []); app.controller(“myController", function($scope,$http) { $scope.topic = “CSCI 571”; }); Q3: Which of the following is true in AngularJS? [X] A module defines an application [X] A module is a container for controllers [X] Controllers always belong to a module [ ] Filter sorts the rows in the model [X] ng-repeat works like a for loop [X] $http holds the HTTP request handler [ ] ALL OF THE ABOVE Q4: Which of the following are Angular directives? [ ] ng-app [ ] ng-controller [ ] ng-bind [ ] ng-init [ ] ng-model [ ] ng-class [ ] ng-repeat [ ] ng-form [X] ALL OF THE ABOVE Q5: What library is this code using and for what kind of layout?.col-md-4.col-md-4.col-md-4 Answering screen and (max-device-width: 480px) is enough Q5: List one property of “fluid” grids. A5: Any one of these: (a) defined using relative-based dimensions (b) define a grid divided into a specific number of columns (c) each grid element is designed with “proportional” width and height, not in pixels Web Performance Questions [10 pts] Each question is worth 2 points. Q1: When estimating Web Server performance requirements, what are the three numbers that you should be estimating? A1: What is the number of clients that will connect per second (the “traffic”) What is the average number of bytes sent to the server (request) What is the average number of bytes sent to the client (response) Q2: What is a web server “farm”? 9 A2: Multiple server with load balancing hardware to distribute web requests (“the “load”) across the servers. Q3: What is the approach used by sites like CNN for Load Balancing? A3: DNS Redirection Q4: What are the 2 main reasons that Nginx is recommended for high traffic sites. A4: a) “low” memory usage and b) “large” number of requests per second for large concurrent connections (high traffic). Q5: List two ways of improving Apache performance. A5: Two of these: a) Add additional RAM, b) Tune MinSpareServers and MaxSpareServers c) Enable HTTP compresions d) Use Nginx as reverse-proxy e) Use “fast:” modules liker mod_fastcgi f) Use “direct” modules like mod_php g) Load only “required: module for a smaller footprtint (low memory) JavaScript Frameworks Serverless Applications Questions [10 pts] Each question is worth 2 points. Q1: Name two properties of Node.js? A1: Javascript runtime built on Chrome V8Event driven Uses non-blocking IO model Modules handle HTTP Modules handel networking Provides POSIX File IO 10 Supported by both AWS and GCP Q2: What architectures are supported by AngulaJS A2: MVC (Model – View - Controller) MVVM (Model – View – ViewModel) Q3: What is the approach used by sites like CNN for Load Balancing? A3: Which of the following are true of Serverless Architectures? [X] No compute resource to manage [ ] Provisioning and scaling handled by the client [X] Execution environment provided by service [X] Provides authorization and authentication services [ ] All of the above Note: there is no partial credit Q4: What are the 2 main reasons that Nginx is recommended for high traffic sites. A4: Which of the following are true of AWS Lambda? [X] No servers to manage [X] Continuous scaling [ ] Subminute metering [X] bring your oen code [ ] Complex resource model [X] Flexible Authorization and Use [ ] Not suitable for real-time data processing [X] Easy to build scalable backend services [ ] All of the above Note: there is no partial credit Q5: What is this code an example of? exports.helloGET = function helloGET (req, res) { res.send('Hello World!'); A5: A Google Cloud Function Agile Development Questions [10 pts] 11 Each question is worth 2 points. Q1-Q3: What is the difference between non-agile and agile regarding each of these? Complete the missing portion of the phrases. A1: Regarding documents Non-agile: document-driven Agile: high bandwidth communication A2: Process Non-agile: serial Agile: iterative A3: Testing Non-agile: test late Agile: test early and continuously Q4: Who make up the observers or “chickens” in agile development? A4: People that do not have deliverables in the sprint, like stakeholders, non-stakeholder, and Subject-Matter-Experts (SMEs). Q5: What is a Scrum “retrospective”? A5: Scrum team does a port-mortem after a sprint. 12 Computer Science 571 2nd Exam Prof. Papa Thursday, May 4, 2017, 6:00pm – 7:20pm Name: Student ID Number: 1. This is a closed book exam. 2. Please answer all questions on the test Question Category Score High Performance Websites Questions JavaScript + AJAX Questions Web Security Questions JQuery Questions JavaScript Frameworks and Serverless Questions Cookies and Privacy Questions Secure Web Communication Questions Total High Performance Websites Questions [10 pts] Each question is worth 2 points. Q1. Among the 14 rules that were given for improving the client-side performance of a web page, one rule suggests placing items at the bottom of the web page. What rule is it? A1. place scripts to the bottom Q2. Consider the following HTTP response header: HTTP/1.1 200 OK Date: Fri, 30 Oct 2014 13:19:41 GMT Server: Apache/1.3.3 (Unix) Cache-Control: max-age=3600, must-revalidate 1 Expires: Fri, 30 Oct 2014 14:19:41 GMT Last-Modified: Mon, 29 Jun 2014 02:28:12 GMT ETag: "3e86-410-3596fbbc" Content-Length: 1040 Content-Type: text/html Will this page be cached by the browser? If so, for how long? A2. yes, 3600 seconds Q3. What does CDN stand for and how does it improve website performance? A3. Content Distribution Network; it improves performance by copying content to multiple servers around the world so pages are delivered more quickly. Q4. Why is it suggested to minimize re-directs? A4. because they require an additional trip to the server and back again. Q5. The lecture on high performance web sites listed 14 ways to improve the download performance of a website. List 4 of the ways that were presented by providing one sentence that describe “how” they improve performance. PLACE ALL ANSWERS BELOW. a. Make fewer http requests b. Use a CDN c. Add and expires header d. Gzip components e. Put stylesheets at the top f. Move scripts to the bottom g. Avoid CSS expressions h. Make JS and CSS external i. Reduce DNS lookups j. Minify JavaScript 2 k. Avoid redirects l. Remove duplicate scripts m. Configure Etags n. Make AJAX cacheable JavaScript + AJAX Questions [10 pts] Above is a snapshot of a web page and below the corresponding source code. Some of the code is missing. Fill in the missing elements. Each answer is worth 2 points. Simple Ajax Example function xmlhttpPost(strURL) { var xmlHttpReq = false; var self = this; // Mozilla/Safari if (window.XMLHttpRequest) { self.xmlHttpReq = new XMLHttpRequest(); } // IE else if (window.ActiveXObject) { self.xmlHttpReq = new ActiveXObject("Microsoft.XMLHTTP"); } self.xmlHttpReq.open('POST', strURL, true); [2 pts] self.xmlHttpReq.setRequestHeader('Content-Type', 'application/x-www- form-urlencoded'); self.xmlHttpReq.onreadystatechange = function() { 3 if (self.xmlHttpReq.readyState == 4 && self.xmlHttpReq.status == 200) { [2 pts] updatepage(self.xmlHttpReq.responseText); } } self.xmlHttpReq.send(getquerystring()); } function getquerystring() { var form = document.forms['f1']; var word = form.word.value; [2 pts] qstr = 'w=' + escape(word); [2 pts] return qstr; } function updatepage(str){ document.getElementById("result").innerHTML = str; } word: [2 pts] Web Security Questions [10 pts] Each question is worth 2 points. Q1: Name 2 of the top 5 vulnerabilities according to WhiteHat Security? A1: Any two of: Cross-site scripting (XSS) Information Leakage Content Spoofing Cross-Site Request Forgery (CSRF) Brute Force Q2: Name 2 types of Authentication Attacks? A2: Any two of: Brute Force Attacks Insufficient Authentication Weak Password Recovery Validation 4 Q3: What problem Diceware solves? A3: Coming up with an easy-to-memorize but very secure passphrase (-OR one with high degree of randomness or entropy). Q4: Name 2 examples of Client Side Attacks? A4: Any two of: Cross-site Scripting (XSS) Browser and Plugin Vulnerabilities Clickjacking Q5: What is a DDos attack? A5: An attack which occurs when a system is overwhelmed by malicious electronic traffic. JQuery Questions [20 pts] Above is a snapshot of a menu produced using the jQuery library menu widget. Below is the code that produces the above menu. Answer the questions below. jQuery UI Menu 5 $(function() { $( "#menu" ).menu(); });.ui-menu { width: 150px; } Aberdeen Ada Adamsville Addyston Delphi Ada Saarland Salzburg Saarland Salzburg Delphi AdaSaarland Salzburg Delphi AdaSaarland Salzburg Perch Amesville Q1: [4 pts] Assuming the initial menu (Ada, Adamsville,... ) in the picture above is at level 1, how deep does the menu go, meaning what is the maximum level? 6 A1: level = 3 Q2: [4 pts] Describe what occurs when a user’s cursor hovers over Ada and then clicks on Ada. A2: The anchor will be seen as live and should produce a hand pointer on hover and clicking will take the user back to the same page. Q3: [4 pts] Is #menu a class attribute or an id attribute? A3: an id attribute Q4: [4 pts] What is the purpose of ui-state-disabled? A4: It causes the menu item to be grayed out Q5: [4 pts] Copy over the line that uses the jQuery menu widget. A5: $(“#menu”).menu(); JavaScript Frameworks and Serverless Questions [20 pts] Each question is worth 2 points. Please choose all correct answers. There is no partial credit. Q1: Which JavaScript Framework provides two-way Data Binding? A1: AngularJS Q2: Which of the following is true of Node.js? [ ] Is a JavaScript runtime built on Chrome V8 [ ] Is event-driven [ ] Uses non-blocking I/O model [ ] Modules handle HTTP [ ] Modules handle networking [ ] Provides POSIX File I/O [ ] Is supported by AWS and Google Cloud Platform (GCP) [X] ALL OF THE ABOVE Q3: What directive is used in AngularJS for loop and replication of the template to the number of rows in the model? A3: ng-repeat 7 Q4: What are the two problems with Virtual Machines and why? A4: l Money – You need to predict the instance size you need. You are charged for every CPU cycle, even when the system is “running its thumbs” l Time – Many operations related to virtual machines are typically slow Q5: What are two solutions of the problems with Virtual Machines? A5: Serverless Architectures and Containers Q6: What are the 3 components of a Microservice? A6: 1. An API – OR – REST Endpoint 2. A Service – OR – FaaS (Function as a Service) 3. A Data Store Q7: What is the code below an example of? module.exports.handler = function(event, context, callback) { console.log("event: " + JSON.stringify(event)); if ((!event.hasOwnProperty("email") || !event.hasOwnProperty("restaurantId")) || (!event.email || !event.restaurantId)) { callback("[BadRequest] email and restaurantId are required"); return; } } A7: One of these: (a) Node.js with AWS lambda (b) FaaS (Function as a Service) Q8: What is one (1) key feature of Containers? A8: any one of “lightweight” and “portable” Q9: Which of the following is true of AWS lambda? [X] Uses AWS Compute Service [X] Supports Java, Python and Node.js [X] You pay only for the compute time you use [ ] Can be triggered by HTTP only [X] No machines or VMs are visible in the Programming Model [X ] It auto-scales and is layaways available [X] It competes with Google Cloud Platform (GCP) [ ] ALL OF THE ABOVE 8 Q10: Does Google Cloud Platform (GCP) supports both Microservices and Containers? A10: No, supports Only Microservices. Cookies and Privacy Questions [20 pts] Q1. The class notes list six (6) ways to Opt Out of cookies. Mention 2 of them. A1: 1. Select “do not track” in your browser Settings 2. Download opt-out cookies 3. Use the cookie management tools in your web browser 4. View current cookies and delete what you don't need. 5. Check your account preferences on registration sites 6. Use browser add-ons Q2. Cookies include a domain, a path, a name/value pair and an expiration date. There are two other fields that may be included in a cookie. What are they and describe them briefly? A2. Secure – only send over SSL, when the request is https HttpOnly – only send via an HTTP request, not accessible to scripts in JavaScript Q3. Define: 3rd party cookie A3. Third-party cookies are cookies that belong to domains different from the one shown in the address bar Q4. What are the 4 parties involved in web advertising? A4. Advertisers, website owners, ad network and visitors Q5. What is a Conversion Tracking Cookie? A5. A cookie set when you click an advertisement (ad) delivered by Google, used by advertisers to track when a click results in a purchase. 9 Secure Web Communication Questions [10 pts] Each question is worth 2 points. There is no partial credit. Q1: In Public Key Encryption (PKC), who generates the keys used for “authentication”? A1: The Sender Q2: Given a data item X, and a hash function H, what is another name for H(X)? A2: A “message digest” or a “digital signature”. Q3: What are RC2, RC-40 and DES examples of? A3: Bulk Ciphers Q4: Name 2 roles of a CA. A4: Any 2 of (a) Verifies identities of client and servers (b) Issues digital certificates (c) Signs digital certificates with its private key Q5: The SSL protocol fits between which two layers? A5: TCP and HTTP 10 Computer Science 571 2nd Exam Prof. Horowitz Tuesday, December 4, 2012, 9:30am – 10:45am & 11:00am-12:15pm Name: Student ID Number: This is a closed book exam. Please answer all questions on the test Javascript + Ajax [20 pts] JSON [10 pts] XML Schemas [15 pts] Java Servlets [20 pts] REST in Java [10 pts] Tomcat [20 pts] Web Site Performance [5 pts] JavaScript and AJAX Questions [20 total pts] Below is a file containing source code used by Yahoo to help it implement the Yahoo search sidebar that you see in the snapshot below. The questions following the source code can be answered by examining the code below. 1 function Yahoo_Search() {} Yahoo_Search.baseURL = function () { return "http://api.search.yahoo.com/WebSearchService/V1/"; } Yahoo_Search.appid = function () { return "YahooSearchSidebar"; } Yahoo_Search.baseArgs = function () { return "appid=" + this.appid(); } Yahoo_Search.Results = function (args) { var xmlUrl = this.baseURL() + "webSearch?" + this.baseArgs() + "&query=" + args["Doc"] + "&zip=" + "&start=" + args["First"] + "&results=" + args["Count"]; var xmlhttp = new XMLHttpRequest(); xmlhttp.open("GET", xmlUrl, false); xmlhttp.send(null); return this.readXML(xmlhttp.responseXML); } Yahoo_Search.readXML = function (xmlDoc) { try { var retVal = new Array(); var resultSet = xmlDoc.getElementsByTagName("ResultSet"); var totalResultsAvailable = parseInt(resultSet.getAttribute("totalResultsAvailable")); var totalResultsReturned = parseInt(resultSet.getAttribute("totalResultsReturned")); var firstResultPosition = parseInt(resultSet.getAttribute("firstResultPosition")); var start = firstResultPosition; var end = firstResultPosition + totalResultsReturned - 1; var results = xmlDoc.getElementsByTagName("Result"); for (var i = 0; i < results.length; i++) { var result = results[i]; var title = result.getElementsByTagName('Title').firstChild.nodeValue; var summary = ''; if (result.getElementsByTagName('Summary').firstChild) { summary = result.getElementsByTagName('Summary').firstChild.nodeValue; } var clickUrl = result.getElementsByTagName('ClickUrl').firstChild.nodeValue; var url = result.getElementsByTagName('Url').firstChild.nodeValue; retVal[i] = { I: start + i, Title: title, Summary: summary, ClickUrl: clickUrl, Url: url }; } return retVal; } catch(exception) { alert('Exception occurred while reading XML (i=' + i + '; start=' + start + ';end=' + end + '): ' + exception); } } 1. [3 pts] What language is the code written in? 2. [3 pts] What are baseURL, appid, baseArgs, Results, readXML? 3. [3 pts] What line of the program sends the request to Yahoo? 2 4. [3 pts] What line of the program receives the result from Yahoo? 5. [3 pts] The above program uses DOM functions. Name two. 6. [3 pts] What type of file is Yahoo returning? 7. [2 pts] What are Title, ClickUrl and Url? JSON Question [10 total pts] Below is an XML file. Your task is to transform it into an equivalent JSON notation. example glossary S Standard Generalized Markup Language SGML ISO 8879:1986 A meta-markup language, used to create markup languages. 8. [10 pts] Place your answer here: 3 XML Schema Questions [15 total pts] Below is an xml schema file defining the Web search response for the Yahoo sidebar. 9. [ 15 pts] Write out an XML file that is an instance that conforms to the above schema. Remember to define the necessary namespaces. PLACE YOUR ANSWER BELOW OR INDICATE HERE THAT YOU ARE USING THE BACK OF THIS SHEET. 4 Java Servlet Questions [20 total pts] Below is a Java servlet. Read it over and then answer the questions below. public class ShowSession extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); String title = "Tracker"; HttpSession session = request.getSession(true); String heading; Integer accessCount = (Integer) session.getAttribute("accessCount"); if (accessCount == null ) { accessCount = new Integer (0); heading = "Welcome"; } else { heading = "Welcome"; accessCount = new Integer(accessCount.intValue() + 1); } session.setAttribute("accessCount", accessCount); out.println( "Count\n" + "" + heading + "\n" + "Information\n" + "Info typeValue\n" + "ID" + session.getId() + "Creation time" + new Date(session.getCreationTime()) + "Time \n" + new Date(session.getLastAccessedTime()) + "Number" + accessCount + ""); } } 10. [5 pts] What imported files are missing? 11. [5 pts] In a sentence or two describe what the servlet does. 5 12. [10 pts] Draw a sample output for the servlet. You can make up any data that is not specified. REST in Java Questions [10 pts] The following code issues a request and returns the entire response as one long string. Some of the code has been removed. Answer the 4 questions below supplying the missing code. public static String httpGet(String urlStr) throws IOException { URL url = new URL(urlStr); HttpURLConnection conn = (HttpURLConnection)url.13.XXXXXXXXXXX(); if (conn.getResponseCode() != 14.XX) { throw new IOException(conn.getResponseMessage()); } BufferedReader rd = new BufferedReader(new InputStreamReader(conn.getInputStream())); StringBuilder sb = new StringBuilder(); String line; while ((line = rd.15.XXXXXX()) != null) { sb.append(line); } rd.close(); conn.disconnect(); return sb.16.XXXXXX(); } 13. [3 pts] 14. [3 pts] 6 15. [2 pts] 16. [2 pts] Tomcat (Assignment #7) Questions [20 total pts] 17. [2 pts] In one sentence describe the contents of the file whose name is server.xml? 18. [2 pts] Name two methods that are handled by this web server. 19. [2 pts] What is the condition that causes the web server to return a 304 status code? 20. [2 pts] What does SOAP stand for, and what is its purpose? 21. [3 pts] What is Apache Axis? 22. [3 pts] Define the acronym WAR and in one sentence give its definition: 23. [2 pts] What is a major difference between Tomcat and Apache? 24. [2 pts] In what directory of Tomcat does one place Java servlets that are part of a user-developed application? 7 25. [2 pts] Below are 4 possible addresses of Tomcat servers for this class, but only one is correct. Choose the correct one. a. http://www-scf.usc.edu:9980/index.jsp b. http://cs-server.usc.edu:80/index.jsp c. http://www-scf.usc.edu/~csci571/index.jsp d. http://cs-server.usc.edu/index.html High Performance Web Sites [5 total points] 27. [5 pts] The lecture on high performance web sites listed 14 ways to improve the download performance of a website. List 5 of the ways that were presented by providing one or two sentences that describe what they are. 8 Computer Science 571 2nd Exam Prof. Horowitz Tuesday, April 24, 2012, 9:30am – 10:45am Name: Student ID Number: 1. This is a closed book exam. 2. Please answer all questions on the test Javascript + Ajax [20 pts] JSON [10 pts] XML Schemas [15 pts] Java Servlets [15 pts] Web Site Performance [15 pts] HTML5 [10 pts] Tomcat [5 pts] Assignment #8 [10 pts] JavaScript and AJAX Questions [20 pts] Above are two web pages. The first page shows 4 links: August Page, September Page, October Page, and November Page. The second page shows what happens when the cursor is placed over the link labeled August Page. Below is the JavaScript source code that is imported into the web page and that generates the effect you see above. Some of the code has been elided, using XXXXXXX. Please supply the missing code. 1 window.onload = XXXXXXXXXXX; _____________ var xhr = false; var xPos, yPos; function initAll() { var allLinks = document.getElementsByTagName("XXXXXX"); _____________ for (var i=0; i< allLinks.XXXXXX; i++) { _____________ allLinks[i].onmouseover = showPreview; } } function showPreview(evt) { getPreview(evt); return false; } function hidePreview() { document.getElementById("previewWin").style.visibility = "XXXXXX"; } _____________ function getPreview(evt) { if (evt) { var url = evt.target; } else { evt = window.event; var url = evt.srcElement; } xPos = evt.clientX; yPos = evt.clientY; if (window.XXXXXXXXX) { _____________ xhr = new XXXXXXXXX(); } _____________ else { if (window.ActiveXObject) { try { xhr = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { } } } if (xhr) { xhr.onreadystatechange = showContents; xhr.open("GET", url, true); xhr.send(null); } else { alert("Sorry, but I couldn't create an XMLHttpRequest"); } } function showContents() { var prevWin = document.getElementById("XXXXXXX"); ____________ if (xhr.readyState == 4) { prevWin.innerHTML = (xhr.status == XXX) ? _____________ xhr.XXXXXXXX : "There was a problem with the _____________ request " + xhr.status; prevWin.style.top = parseInt(yPos)+2 + "px"; prevWin.style.left = parseInt(xPos)+2 + "px"; prevWin.style.visibility = "visible"; prevWin.onmouseout = XXXXXXXXX; }} _____________ 2 JSON Question [10 pts] The Yahoo! PlaceFinder uses REST calls to access its data. A sample REST call is shown below followed by an edited version of what is returned: http://where.yahooapis.com/geocode?q=1600+Pennsylvania+Avenue,+Wa shington,+DC&appid=[yourappidhere] 38.898717 -77.035974 1600 Pennsylvania Ave NW Washington, DC 20006 United States When the “format=JSON” is selected, instead of an XML result a JSON response is returned. Please fill in the JSON missing code: {“ResultSet”: } 3 XML Schema Questions [15 pts] Below is the shiporder.xsd file which is an XML Schema definition for a ship-order: 4 [10 pts] Write a ship-order instance file that represents the following order: one item is ordered: “Titanic Vessel”, priced at $7,500,000, order ID 998877, ordered by White Star Line, shipped to Captain Edward Smith at address Pier 71, Southampton, England.. [5 pts] A typical Los Angeles phone number begins with a “1” followed by a dash, followed by a 3 digit area code, followed by a dash, followed by 3 digits, a dash, and 4 digits. Create a new simple type called LAPhoneNumber using the notation of XML schemas. 5 Java Servlet Questions [15 pts] Below is snapshot of a web page that includes two cookie values and a pair of text boxes. The values Color and Red have been placed into the text boxes. In the second snapshot you see the resulting web page after the Submit button is clicked. Initial screen with values: Color and Red input Result after the submit button is clicked [10 pts] Below is the source code for the Java servlet that is called by the web page on the left to produce the web page on the right. Some of the code has been removed using XXXXX. You are asked to provide the missing code: import java.io.*; import javax.servlet.*; import javax.XXXXXXXXX*; ___________________________ public class CookieExample extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { response.setContentType("XXXXXX"); ______________________ PrintWriter out = response.getWriter(); Cookie[] cookies = request.XXXXXX(); ______________________ for (int i = 0; i < cookies.XXXXXX; i++) { ______________________ XXXXXX c = cookies[i]; ______________________ String name = c.getName(); String value = c.getValue(); out.println(name + " = " + value); } String name = request.getParameter("cookieName"); if (name != null && name.length() > 0) { String value = request.getParameter("cookieValue"); Cookie c = new Cookie(name, value); response.addCookie(c); } }} 6 [5 pts] What is the name assigned to the pair of text boxes that hold the values Color and Red as defined in the HTML for the web page? Answer: Web Performance Questions [15 pts] [5 pts] Among the 14 rules that were given for improving the client-side performance of a web page one rule suggests placing items at the bottom of the web page. What rule is it? Answer: [5 pts] Consider the following HTTP response header HTTP/1.1 200 OK Date: Fri, 30 Oct 2008 13:19:41 GMT Server: Apache/1.3.3 (Unix) Cache-Control: max-age=3600, must-revalidate Expires: Fri, 30 Oct 2008 14:19:41 GMT Last-Modified: Mon, 29 Jun 2008 02:28:12 GMT ETag: "3e86-410-3596fbbc" Content-Length: 1040 Content-Type: text/html Will this page be cached by the browser? If so, for how long? Answer: [5 pts] Consider the following lines of code that have been placed within the httpd.conf file of the Apache web server: Header set Expires "Thu, 15 Apr 2010 20:00:00 GMT" Explain the purpose of the above lines: Answer: 7 HTML5 Questions [10 pts] HTML5 offers many new syntactical elements. Below is a list of elements some of which are new to HTML5 and the others already existed in HTML4. Identify the new elements introduced in HTML5: , , , , , , , , , , , , , , , ,, , , , , Answer: Tomcat Questions [5 pts] [2 pts] In what folder of Tomcat does one place Java servlets that are part of a user-developed application? Answer: [2 pts] What is the name of the deployment descriptor file that must be modified to deploy a Java servlet? Answer: [1 pts] What is the name of the folder where the Tomcat server is configured? And what is the name of the file that must be edited with port settings? Answer: Assignment #8 Questions [10 pts] [5 pts] Write out the URL that you used to invoke your Java servlet in assignment #8: Answer: 8 [5 pts] In the prototype solution for assignment #8, as part of the routine that uploads the selected hotel and related information to Facebook there is the following component of FB shown below: (assume that hotel_name, hotel_location, hotel_rating, hotel_image, hotel_review and hotel_no_review have been appropriately set); your task is to supply the missing information, shown as XXXXX FB.XXXXX( ________________ { XXXXX: "stream.publish", ________________ user_message_prompt: "", message: "", XXXXX: { ________________ name: ""+hotel_name, href: ""+hotel_review, caption: "Check this hotel", description: ( "The Hotel is located at " +hotel_location+" and has a rating of "+hotel_rating+"." ), media:[{ type: "image", src: ""+hotel_image, href: ""+hotel_review}], properties:{ "Find the Hotel Reviews ":{"text":"here","href":""+hotel_review} } }, action_links: [ { text: "Check Reviews", href: ""+hotel_review } ] }, XXXXX(response) { ________________ if (response && response.post_id) { alert('Post was successfully published to Facebook.'); } else { alert('Post was not published to Facebook.'); } } ); } 9 Computer Science 571 2nd Exam Prof. Horowitz Tuesday, April 30, 2013, 9:30am – 10:45am Name: Student ID Number: 1. This is a closed book exam. 2. Please answer all questions on the test Javascript + Ajax [25 pts] XML Schemas [25 pts] Cookies and Privacy [14 pts] JSON [10 pts] Assignment #8 [20 pts] HTML5 [6 pts] JavaScript + Ajax Above is a portion of a web page creating just a text box and a Go button. Below is the HTML that created the above which includes three JavaScript functions that perform an 1 XMLHttpRequest and subsequent update to the HTML page. Some of the code has been removed and questions follow. Simple Ajax Example function xmlhttpPost(strURL) { var xmlHttpReq = false; var self = this; // Mozilla/Safari if (window.XMLHttpRequest) { self.xmlHttpReq = new XMLHttpRequest(); } // IE else if (window.ActiveXObject) { self.xmlHttpReq = new ActiveXObject("Microsoft.XMLHTTP"); } self

CS571 Summer 2021: Web Technologies Exam 2 PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue