5. Serverside JS Scripting with Node.js

Question 1

Powerful runtime environment for executing JavaScript code outside of a web browser and it brings JavaScript laguage to the server-side - enabling developers to build scalable, high performance and event-driven applications.

Answer 1

Node.js

Question 2

Eliminates the need for context switching and enables code reuse between the front-end and back-end resulting in improved productivity and reduced development time.

Answer 2

allows developers to use JS both on the client-side and server-side providing a unified language and ecosystem.

Question 3

Node.js has a vast and active ecosystem of modules and libraries available through the

Answer 3

Node Package Manager (npm)

Question 4

NodeJs is particularly well-suited for building

Answer 4

web apps
APIs
real-time apps requiring instant data updates
bidirectional communications like chat apps
multiplayer games
streaming applications like audio or video processing
real-time analytics
microservices
scalable APIs
single-page apps
Internet of Things deployments

Question 5

Among other things Node.js is a

Answer 5

web server framework

Question 6

function when called with either read and serve our index.html
generate a 200 success code
or if there is a problem
generate a 500 error code

Answer 6

server

Question 7

listening port for app and can be any value between 1 and

Answer 7

65535

Question 8

calls the server function and modifes port number and writes entry to console.log

Answer 8

listen

Question 9

used within file system to initialize a new Jode.js project and create a package.json

Answer 9

npm init command

Question 10

File that serves as the manifest for the project and contains metadata and configuration information about the project, its dependencies, scripts and other details

Answer 10

package.json

Question 11

to add dependencies you can do it manually or use

Answer 11

npm install <package-name></package-name>

Question 12

Automatically generated by npm when you install dependencies for your project and serves as a lockfile that ensures deterministic and reproducible builds of your project across different environments.

Answer 12

package-lock.json

Question 13

The package-lock.json file should be included in version control systems so that other developers or deployment environments can reproduce the exact dependency tree and versions used in the project

Answer 13

version control

Question 14

directory created by npm as a storage location for all the packages and modules our project relies on and it is where you install packages using npm install, the downloaded packages are placed here.

Answer 14

node_modules

Question 15

creates hierarchical structure in the node_modules directory

Answer 15

reflects dependency tree of your project.

Question 16

Lightweight and flexible web framework for Node.js for simplifying the development of web applications and APIs and allows developers to easily handle
routing
middleware
HTTP request/response handling

widely used for building scalable and efficient web applications offering a balance between simplicity and powerful functionality for server-side development

Answer 16

Express.js

Question 17

File that serves as templates for generating dynamic HTML content and is a popular templating engine that allows you to embed JavaScript code within HTML markeup and each file is a “view” that defines the structure and layout of the rendered web pages.

separate the presentation logic from the application logic

Answer 17

EJS - Embedded JavaScript

Question 18

Begins by loading al necessary modules, including Express itself, csv-parser for reading our CSV dat and fs to allow our app to work with the local filesystem

Answer 18

app.js

Question 19

Module is middleware designed to handle different types of request data
JSON payloads
URL-encoded data

provides parsing functionality for these types of data and exposes them as properties of the req.body object.

Answer 19

body-parser module

Question 20

Method sets EJS as templating engine we will be using and it points to the views/ directory as the location of our tempates files

Answer 20

app.set

Question 21

Method defines the encoding bodyParser will use .

Answer 21

app .use

Question 22

Method declares a variable that will be used to hold our CSV data

Answer 22

.let

Question 23

Method begins by defining the route to be used for requests and responses

Answer 23

app.get

Question 24

Tells us that we should look in the same local root directory where the app.js file lives

Answer 24

/ forward slash

Question 25

Value here specifies that we want the options column from our data to act as the index column

Answer 25

row.option

Question 26

Manages form submission and sends requests from the form page so that the page generated by the result template can be properly managed at the end

Answer 26

app.post

Question 27

starts a loop using the forEach method to iterate over each element in the data array.

Answer 27

.<% data.forEach((item) => { %>:

Question 28

generates an <option> element for each item in the data array and the value attribute of the option is set to the value of the item and the text content of the option is also set to the value of the item</option>

Answer 28

.<option><%= item %></option>:

Question 29

Type of vulnerability where an attacker injects malicious scripts into a web app tht are then executed by unsuspecting users visiting the affected page. this can lead to unauthorized actions or data theft.

Answer 29

Cross-Site Scripting (XSS)

Question 30

To prevent Cross-Site Scripting attacks - Express.js provides security measures like escaping user input, using secure templating engines and employing content security policies CSP

Answer 30

To restrict execution of scripts.

Question 31

An attack where the attacker tricks the victim into performing uninted actions on a web application while authenticated

occurs if the app does not vailadate the origin of the request allowing unauthorized requests to be executed on behalf of the victim

Answer 31

Cross-Site Request Forgery (CSRF)

Question 32

Express.js provides protection against CSRF through middleware - unique values included in forms or requests to verify their authenticity

Answer 32

Cross-Site Request Forgery tokens

Question 33

The process of ensuring that the data submitted by users through forms or ither input mechanisms meets the expected criteria and is safe to use

Answer 33

User Input Validation

Question 34

The real language of programmatic data management is

Answer 34

database

Question 35

Meas the syntax you’ll use for interacting with sqlite database will closely parallel how you’d do it with MariaDB, Amazon Aurora, Oracle, or MS SQL Server

Answer 35

SQL

Structured Query Language

Question 36

will create a new table and add a single entry

Answer 36

db.js

Question 37

will add a second entry to the table

Answer 37

db_add.js

Question 38

will change the details for on or two entries

Answer 38

db_modify.js

Question 39

will remove an entry

Answer 39

db_delete.js

Question 40

With this in place when this method is run itl automatically hand the escaping of the variable value, prventing SQL injection.

Answer 40

db.run()

Question 41

used to UPDATE a record

Answer 41

updateQuery