Final P2

Question 1

form tag itself has two very important attributes.

Answer 1

1. Action which specifies where the form should be sent

2. Method which specifies the HTTP method to be used in the HTTP request sent when the form is submitted

Question 2

percent-encoding or URL encoding

Answer 2

certain special characters that have a specific meaning within URLs are encoded with other characters

Question 3

T or F: A GET request will send the same data as POST. But instead of sending it as part of the URL, it is sent in the body of the request.

Answer 3

False: A POST request will send the same data as GET. But instead of sending it as part of the URL, it is sent in the body of the request.

Question 4

T or F: Unless we use the HTTPS protocol, which encrypts the HTTP communication, an intruder can see the body of a POST request.

Answer 4

True

Question 5

T or F: even when using HTTPS protocol, we must not use GET for submitting sensitive data, such as passwords. Many web servers log the URL of HTTP requests, and putting sensitive data in the URL with GET requests can result in that data being saved in log files.

Answer 5

True

Question 6

T or F: Another limitation of POST is that browsers often place a limitation on the length of the query string, whereas no such limits are placed on the body length.

Answer 6

False: GET

Question 7

Processing a submitted form in ___ requires adding a route for the URL and HTTP method specified in the form. ___ then provides the data submitted in the form as a JSON object to our route handler function

Answer 7

Express

Question 8

GET route handler example

Answer 8

app.get(“/review”, (req, res) => {
console.log(req.query);
res.send(req.query);
});

Question 9

POST route handler example

Answer 9

app.post(“/review”, (req, res) => {
console.log(req.body);
res.send(req.body);
});

app.use(express.urlencoded({
extended: true
}));

Question 10

T or F: CSS is a language for describing the presentation of documents. It allows us to specify rules using which we can selectively style HTML elements. Typically we write these CSS rules into stylesheets which are files containing CSS rules.

Answer 10

True

Question 11

CSS selector

Answer 11

selects the HTML element to which the rule applies

Question 12

CSS format

Answer 12

h1 {
color: red;
font-size: 25pt;
}

Question 13

CSS: The universal selector *

Answer 13

matches all elements

Question 14

CSS: The ___selector matches elements based on the element ___

Answer 14

type

Question 15

CSS: The ___ selector selects the single element with a matching __ and is of the form #id

Answer 15

ID

Question 16

CSS: The ___ selector selects all elements in which the attribute class has that value

Answer 16

class

Question 17

T or F: IDs are good for anchoring and specifying unique blocks, whereas classes are more about design properties that get used again and again.

Answer 17

True

Question 18

CSS: Is it possible to specify rules that apply to multiple selectors.?

Answer 18

Yes, This is done by specifying multiple selectors separated by commas.

Question 19

CSS: We can specify selectors that select elements based on their location in the document

Answer 19

combinator selector

Question 20

CSS: We can combine selectors to form more complex selectors. A common use is combining a type and a class to specify a selector that applies to tags with that type but only if they have that particular class. The syntax for this is tag.class.

Answer 20

Complex Selector

Question 21

CSS also supports selectors that are based on the state of an element

Answer 21

CSS Pseudo Selectors

selector:pseudo-class {
property: value;
}

Question 22

T or F: Common use cases for CSS pseudo-classes are changing the style of an element when the mouse hovers over it, and displaying visited links differently from links that have not been visited.

Answer 22

True

Question 23

CSS: Rule Precedence

Answer 23

1. Later rules overrule earlier rules.

2. Rules with a more specific selector take precedence over those with more general selectors.

Question 24

Colors in CSS are represented in three ways.

Answer 24

1. Hex (hexadecimal) values in the form of #RRGGBB.
2. Decimal values in the form of rbg(x, y, z)
3. Named colors

Question 25

T or F: In CSS, the absolute units are not relative to anything, whereas the relative units are relative to something else, e.g., the size of the parent element.

Answer 25

True

Question 26

The most commonly used relative units are __ and __.

Answer 26

1. em

2. rem

Question 27

T or F: em is a relative unit based on the current font size of the parent element. For example, 2em means two times the parent element’s current font size.

Answer 27

True

Question 28

T or F: rem is a relative unit based on the current font size of the root element. For example, 2rem means two times the current font size of the root element.

Answer 28

True

Question 29

Size Properties in the Box Model

Answer 29

1. Element (width/height)
2. Padding (padding-top, etc.)
3. Margin (margin-top, etc.)
4. Border (can specify color, style, width)

Question 30

T or F: The position CSS property sets how an element is positioned in a document. The top, right, bottom, and left properties determine the final location of positioned elements.

Answer 30

True

Question 31

T or F: With relative positioning, the browser figures out where something should to be positioned using its default positioning algorithm.

Answer 31

False: static

Question 32

T or F: Elements with static positioning are moved in relation to where they would be placed by the static positioning.

Answer 32

False: relative

Question 33

T or F: Elements with absolute positioning are positioned in relation to the parent element.

Answer 33

True

Question 34

T or F: Elements with fixed positioning are positioned with respect to the document window

Answer 34

True

Question 35

T or F: As a first step to rendering a page, the browser parses the HTML document and creates a DOM tree from it. From there the browser renders the page by rendering each node of the DOM tree.

Answer 35

True

Question 36

T or F: The DOM (Document Object Model) is the model that a browser uses to render a web page

Answer 36

True

Question 37

T or F: The DOM gives a representation of a document as a logical tree of nodes and includes an API for interacting with this tree representation. This allows us to write programs to statically access and modify the content, structure, and style of an HTML document.

Answer 37

False: This allows us to write programs to DYNAMICALLY access

Question 38

T or F: Versions of DOM are referred to as levels. When we read the DOM specification on the W3C website we will find a description of interfaces rather than the description of the API in a particular programming language.

Answer 38

True: This is because the DOM specification is programming language neutral. Many programming languages have implemented the DOM specification so that programs written in that language can use the DOM API.

Question 39

T or F: The object ___ represents the browser window and the object ___ represents the webpage currently loaded in this browser window.

Answer 39

1. window

2. document

Question 40

T or F: The object document gives us an entry point into the DOM tree that the browser has built up after it parsed the webpage.

Answer 40

True

Question 41

DOM tree includes nodes of the following type:

Answer 41

1. Document
2. Document Type
3. Element
4. Attribute
5. Text

Question 42

Any node that has one or more children has the following properties:

Answer 42

1. firstElementChild
2. lastElementChild
3. nextElementSibling
4. previousElementSibling
5. children
6. parentNode

Question 43

T or F: All of these are methods for searching for elements:

1. getElementById
2. getElementsByTagName
3. getElementsByClassName
4. querySelector

Answer 43

True

Question 44

T or F: Probably the most basic property of a node is its textContent. This contains all the text content of a node, and its children, in a string representation.

Answer 44

True

Question 45

T or F: Setting a node’s textContent to an empty string will clear out all of its text and that of its child nodes.

Answer 45

True

Question 46

Nodes of type element have a property named ___which get the HTML markup within an element.

Answer 46

innerHTML

Question 47

As we can see ___ of this p element contains its text content and that of its child element b concatenated as a string, but it does not contain the HTML tags or the attribute. On the other hand, the ___ property contains all the HTML content, including the tags of child elements and attributes inside the element book.

Answer 47

1. textContent

2. innerHTML

Question 48

T or F: Using the property innerHTML to insert text into a webpage is a security risk. It is recommended that the insertion of plain text should be done using textContent and should not use innerHTML

Answer 48

True

Question 49

Adding nodes in a DOM tree is a two step process:

Answer 49

1. Create the node by calling the appropriate method on the document object.
2. The newly created node does not yet appear in the DOM tree. As the second step, we insert the new node at the desired position in the DOM tree.

Question 50

T or F: The method document.createTextNode() can be used to create new text nodes. However, in most cases we can simply add text content using the textContent property we discussed earlier, rather than creating a text node.

Answer 50

True

Question 51

T or F: To create elements we use the method document.createElement().. It takes one argument which is the name of the element we want to create and returns an element of that type. However, the newly created element does not yet exist in the DOM tree.

Answer 51

True

Question 52

T or F: There are many different methods available to insert nodes in a DOM tree, but one of the most common ways to insert elements is calling the method appendChild(newChild) on a node. This method will add the node newChild as the last child of the node the method was called on.

Answer 52

True

Question 53

the method ___ and pass it the node we want to remove as an argument

Answer 53

removeChild()

Question 54

When a user takes an action, the browser dispatches an event based on the type of user action. We can use JavaScript to register functions called event handlers. What type of programming is this?

Answer 54

event-driven programming

Question 55

T or F: When an event of particular type occurs, the browser executes the event handler registered for that type of event. We can program event handler functions so that they modify attributes of DOM nodes, modify the DOM tree or send HTTP requests to a webserver, thus providing interactivity in our application.

Answer 55

True

Question 56

Event handling requires specifying 3 things

Answer 56

1. What happened, i.e., what is the event of interest?
2. Where did this event occur, i.e., what is the element of interest?
3. What to do, i.e., what JavaScript code to invoke when the event occurs on this element?

Question 57

Types of DOM events that should be handled

Answer 57

1. mouse-related events
2. keyboard-related events
3. focus-related events
4. form submission events
5. Input event
6. page related events
7. timer events

Question 58

There are two ways to register an event handler to execute when an event occurs on an element.

Answer 58

1. Register the JavaScript code inline, as the value of an attribute with the name of the event (not recommended).
2. Register the JavaScript code using the DOM API.

Question 59

Registering an event handler on an element: Register the JavaScript code using the DOM API format

Answer 59

myElem.addEventListener(‘click’, mouseClick)

Question 60

Example: Registering an Event Handler

Answer 60

// The browser can pass the event to the event handler
        function mouseClick(event) {
            console.log('Mouse clicked on the following element');
            // The property event.target is set to the element which dispatched
            // the event. We will discuss this and other properties of 
            // event in the next section.
            console.log(event.target);
            // If the color is currently red, set it to green.
            // Otherwise set it to red.
            event.target.style.color = event.target.style.color === 'red' ?
                            'green' : 'red';
        };

    window.onload = function () {
        document.getElementById('registerWithDOM').addEventListener("click", mouseClick);
    };

Question 61

T or F: We remove an event handler from an element by calling the method removeEventListener on this element.

Answer 61

True

Question 62

Example: Removing an Event Handler

Answer 62

function unbindButton() {
            document.getElementById('backgroundChanger').removeEventListener('click', changeColor);
        }

Question 63

T or F: When an event is raised, the browser cannot pass an object corresponding to this event to our handler.

Answer 63

False, it can

Question 64

Some of the most important properties of this object include the following:

Answer 64

1. type: the name of the event, e.g., click, mouseup, etc.
2. timeStamp: the time that the event was created.
3. target: the element that dispatched the event.
4. currentTarget: the element on which the event listener was registered.

Question 65

T or F: Load events are called when a resource and all of its dependent resources have finished loading. When we want some JavaScript code to execute as soon as a resource is loaded, we can register a handler with that JavaScript code to the corresponding load event.

Answer 65

True

Question 66

Load Event Example: A common use case is when we want to manipulate a webpage as soon as it is loaded.

Answer 66

document.addEventListener(“DOMContentLoaded”, function(event) {
console.log(“DOM fully loaded and parsed”);
});

Question 67

___ provide another mechanism for event-driven programming in JavaScript. These ___ are used in client-side code for animations or for automatic page refreshes.

Answer 67

Timers

Question 68

Timer example

Answer 68

setTimeout(turnBackgroundRed, 10000);

Question 69

We can call the method ___ () on an event to prevent the default action for the event from taking place.

An example use case is calling this method on a submit event to prevent the submission of a form if the form validation fails, as shown in the following code snippet.

Answer 69

preventDefault

Question 70

When an event is fired at an element that has parent elements, what happens if event handlers are defined at both the element and its parent?

Answer 70

The default behavior is that the event bubbles up the DOM tree until it gets to the root element, i.e., the html element. This is called the bubbling phase.

Question 71

The event handler on any element can stop an event from bubbling up the DOM tree by calling the method of the event in question.

Answer 71

stopPropagation

Question 72

Is it also possible to define event handlers which are executed on the DOM tree starting with the html element and going down the tree until the element on which the event occurred is reached?

Answer 72

Yes, This is called the capturing phase and the event is said to trickle-down the DOM tree. Using stopPropagation stops an event from trickling down the DOM tree, similar to how this method stops an event from bubbling up. By default, event handlers are registered for the bubbling phase and registering handlers for the capturing phase is a lot less common.

Question 73

___ programming is an essential feature of modern JavaScript. It is widely used to build scalable, performant web apps. ___ features of JavaScript are used in both client-side and server-side programs.

Answer 73

Asynchronous

Question 74

By default, JavaScript code run ___ in a single thread

Answer 74

synchronously

Question 75

Asynchronus or Synchronous?

Each function runs to completion before any other code is executed in the program.

Answer 75

Synchronous

Question 76

___ means that the entire program is halted until that line of code finishes executing.

Answer 76

Blocking

Question 77

Asynchronus or Synchronous?

non-blocking. As soon as an ___ function is called, the next line of code in the calling function can be executed.

Answer 77

Asynchronus

Question 78

T or F: When the asynchronous function completes, its results can be accessed by the main thread using callbacks or via the newer features of Promises and await/async.

Answer 78

True

Question 79

Why Using Callbacks is Unsatisfactory

Answer 79

when our program needs to make multiple asynchronous calls that depend on each other (nested), implementing asynchronous functionality using callback functions can lead to hard-to-understand code

Question 80

A ___ is a JavaScript object that represents the result of an asynchronous operation whose results may not be available as yet.

Answer 80

Promise

Question 81

When the asynchronous function successfully finishes, it fills in the Promise object with the result and sets its state to ___ . The promise is now said to have been ___ . The Promise is said to have resolved to this result value.

Answer 81

fulfilled

Question 82

The asynchronous function returns a ___ object.

Answer 82

Promise

Question 83

The initial state of this Promise object is ___ meaning it does not yet have a result.

Answer 83

pending

Question 84

When the asynchronous function fails due to an error, it will not produce a value. In this case, the state of the Promise object is set to ___. The promise is said to have been ___.

Answer 84

rejected

Question 85

Once the state of the Promise objects is set to either the fulfilled or rejected, it is said to have been ___.

Answer 85

settled

Question 86

T or F: When we call a function which returns a promise, we provide functions that will be executed when the promise settles.

Answer 86

True

Question 87

Using the ___ method on the promise, we provide a function that will be called when the promise returns a result, i.e., it is fulfilled. If the function provided to ___ returns another promise, we can process its result by calling the ___ method again

Answer 87

then()

Question 88

Using the ___ method on the promise, we provide a function that will be called when the promise fails, i.e., it is rejected.

Answer 88

catch()

Question 89

The function ___ has one required parameter identifying the resource for which an HTTP request would be sent. By default, ___ sends a request with the GET method. ___ returns a promise.

Answer 89

fetch()

Question 90

fetch() example

Answer 90

function getData(url) {
return fetch(url)
.then(response => response.text())
.then(data => addData(data))
.catch(error => console.error(error));
}

Question 91

when one asynchronous function returns a promise which is then passed to another asynchronous function that in turn returns a promise, we can chain these function calls by using multiple ___ methods.

Answer 91

then()

Question 92

The ___ keyword takes a promise and waits for the promise to be settled. If the promise is fulfilled, the resolved value is returned.
If the promise is rejected, an exception is thrown with the rejection value of the promise.

Answer 92

await

Question 93

we can only use ___keyword in a function that is declared with the ___ keyword

Answer 93

await

async

Question 94

An ___ function is executed asynchronously which means that the call to the ___function returns immediately. A __ function always returns a promise.

Answer 94

async

Question 95

async example

Answer 95

async function getData(url) {
    try {
        const response = await fetch(url);
        const data = await response.text();
        addData(data);
    } catch (error) {
        console.error(error)
    }
}

Question 96

When we write code in an ES module, only those functions, classes or variables that are explicitly exported using the keyword export are available outside the module. Such exports are called named ___. Everything else is inaccessible to code outside the module.

Answer 96

exports

Question 97

We ___ named features from a module using the ___ statement along with the name of the features we want to ___ and the URL of the file containing the module.

Answer 97

import

Question 98

We can import all the exported features into an object by using __.

Answer 98

*

Question 99

We can tag at most one feature in an ES module with the export ___ tag. The benefit of default exports is that the syntax for importing the default feature is very simple.

Answer 99

default

Question 100

With CommonJS modules, we import features using the ___ built-in function. This function takes one argument which identifies the module or the local file we want to import into our code.

Answer 100

require()

Question 101

In CommonJS, the function ___ reads the module/file passed to it as an argument. It executes this module/file and returns the ___object from the file.

Answer 101

require()

exports

Question 102

IUSING ES Modules with node:

Use the extension \_\_ for files which want to export modules using ES syntax and for files which want to import modules using ES syntax.
Use the extension \_\_ for such files and also add a top level property "type" with the value "module in the file package.json.

Answer 102

.mjs

.js

Question 103

Express: To serve static files, we added the following statement to our server programs:
app.use(express.___(‘public’));

Answer 103

static

Question 104

Express: When our server program needed to process forms, we added the following statement to our program
app.use(express.___({extended: true}));

Answer 104

urlencoded

Question 105

A ___is simply a function that Express applies to an HTTP request in our Express programs. We can think of an Express program as a pipeline of ___functions which are applied to an HTTP request.

Answer 105

middleware

Question 106

Most middleware functions take three arguments:

Answer 106

1. request
2. response
3. next()

Question 107

Another form of middleware functions, called Error-handling middleware, takes four arguments:

Answer 107

1. error
2. request
3. response
4. next()

Question 108

Each middleware function in an Express app is associated with a ___(or route). A middleware function applies to an HTTP request only if that function’s ___matches the URL of the request.

Answer 108

path

Question 109

T or F: The middleware functions with routes matching a request’s URL are applied in the exact order of how they appear in the code of our Express app, thus setting up a pipeline of functions.

Answer 109

True

Question 110

A middleware function can pass the request to the next middleware function in the pipeline by calling the ___ function that is provided to it as an argument.

Answer 110

next()

Question 111

The pipeline of middleware functions terminates when:

Answer 111

1. All middleware has been applied to the request

2. There’s no next() call

Question 112

What happens if a middleware function is executed, but it does not call next() and does not send back a response?

Answer 112

In this case, because next() has not been called the pipeline terminates and no other middleware function will be executed. However, no response has been sent back to the client program which sent the request. This will cause the client to ultimately timeout and report an error, e.g., a network error.

Question 113

middleware example

Answer 113

// route handler 1
app.get("/", (req, res, next) => {
    console.log("Handling / and calling next");
    next();
});

// route handler 2
app.get("/abcd", (req, res, next) => {
    console.log("Handling abcd and calling next");
    next();
});

// route handler 3
app.get("/abcd", (req, res, next) => {
    console.log("Handling abcd and not calling next");
    res.send(`typeof next is ${typeof (next)}`);
});

Question 114

___ is intended for binding middleware to your application. The path is a “mount” or “prefix” path and limits the middleware to only apply to any paths requested that begin with it.

Answer 114

app.use()

Question 115

__ is part of Express’ application routing and is intended for matching and handling a specific route when requested with the GET HTTP verb:

Answer 115

app.get()

Question 116

A ___is an organized collection of data while a ____ is the software used to manage databases

Answer 116

database

database management system (DBMS)

Question 117

Two important features of A DBMS

Answer 117

1. supports efficient CRUD

2. execution of CRUD operations for a large number of users

Question 118

T or F: Relational DBMS, such as Oracle, SQL Server, PostgreSQL, MySQL, etc., are the most common types of DBMS in current use.

Answer 118

True

Question 119

In a ___ DBMS, data is organized as tables.

Answer 119

relational

Question 120

In a ___-oriented DBMS, also simply called a ____DBMS, data is stored as a ____in a format such as JSON or XML.

Answer 120

document

Question 121

T or F: Document-oriented DBMS, such as MongoDB, Amazon’s DocumentDB, Couchbase, Google’s Firestore, are newer than relational DBMS

Answer 121

True

Question 122

In a ___ DBMS, data is added to a collection.

Answer 122

Document

Question 123

___DBMS support a standard query language called SQL (Structured Query Language). SQL provides support for all CRUD operations on tables, as well as support for creating, updating and dropping tables.

Answer 123

Relational

Question 124

___ DBMS started out as explicitly rejecting SQL and were associated with a movement termed NoSQL DBMS. CRUD operations were, and continue to be, supported via functions provided by the document DBMS.

Answer 124

Document

Question 125

useful commands we can run using mongo: show dbs

Answer 125

List all databases in the MongoDB server

Question 126

useful commands we can run using mongo: use db_name

Answer 126

Use the database db_name. Substitute db_name with the name of database you want to connect to. If the database does not exist, it will be created.

Question 127

useful commands we can run using mongo: show collections

Answer 127

List all the collections in the current database

Question 128

T or F: mongo does not include a JavaScript API

Answer 128

False, it does. which we can use to create and manage collections, as well as perform CRUD operations on a collection

Question 129

db.getCollectionNames()

Answer 129

List all the collections in the current database

Question 130

db.createCollection(…)

Answer 130

Create a new collection

Question 131

db.coll.insert(…)

Answer 131

Create a document in the collection coll. The argument is a JSON object. MongoDB creates and associate a unique object ID value with each document. This value is stored in the property _id.

Question 132

db.coll.findOne()

Answer 132

Return a single document at random from coll.

Question 133

db.coll.find()

Answer 133

Return all documents from coll that match the criteria passed in the argument. If the number of documents exceeds 20, then batches of up to 20 documents are returned. Type it to get the next batch

Question 134

db.coll.update({“_id”: ObjectId(“123”)}, {…} )

Answer 134

Update the document with object ID 123.

Question 135

db.coll.remove({“_id”: ObjectId(“123”)})

Answer 135

Delete the document with object ID 123.

Question 136

db.coll.remove({ … })

Answer 136

Delete all the documents matching the criteria passed in the argument.

Question 137

The basic idea of ___ is that we decompose the functionality of an app with a GUI into 3 layers, model, view, and controller.

Answer 137

MVC (Model-View-Controller)

Question 138

The ___of an app corresponds to the layer that manages the application’s data.

Answer 138

model

Question 139

In apps developed using languages with support for object-orientation, the model will include:

Answer 139

1. Classes in the app that represent the data in the database.
2. Code that maps the data in the database to these classes and maps the classes to the data in the database.
3. Code that executes CRUD operations on the DBMS.

Question 140

The ___is the layer of the app that displays data from the app. In a web app, the ___is ultimately rendered in HTML and CSS. The ___does not directly interact with the model. Instead, it will send information about a user’s interaction with the ___to the controller.

Answer 140

view

Question 141

The ___is the layer of the app that connects the view to the model. The ___handles requests from the view layer. It determines how to process the request. It decides how to involve the view and model layer in processing the request, including how the view and the model might be updated due to the request.

Answer 141

controller

Question 142

In an Express app, the controller layer is implemented by the ____, which

1. Receive requests
2. Call functions to perform CRUD operations on the model layer
3. Send back responses that update the view

Answer 142

route handlers

Question 143

Mongoose is used in the ___layer of a web app.

Answer 143

model

Question 144

___ is an object-document mapper (ODM) that maps between classes and objects in our JavaScript code and the documents stored in MongoDB

Answer 144

Mongoose

Question 145

In Mongoose, ___and ___are the main concepts for mapping between documents in MongoDB and objects in our JavaScript code.

Answer 145

schemas

models

Question 146

A ___represents the properties of a collection in MongoDB.

Answer 146

schema

Question 147

In Mongoose, the ___is a JavaScript class which represents documents of a particular collection. Call the method ___on the mongoose object passing it two parameters:

1. The name of the JavaScript class that Mongoose will generate
2. The schema which Mongoose will use to generate this class.

Answer 147

model

Question 148

We can use the model class to create documents by using JavaScript’s built-in support for object-oriented programming, i.e., we can create documents by calling the class constructor with the ___keyword.

Answer 148

new

Question 149

Example: Creating Documents Using the Model Class

Answer 149

const Movie = mongoose.model(“Movie”, movieSchema);

const movie = new Movie({ title: “Fargo”, year: 1996, language: “English” })

Question 150

Example: Schema Definition

Answer 150

const movieSchema = mongoose.Schema({
	title: { type: String, required: true },
	year: { type: Number, required: true },
	language: { type: String, required: true }
});

Question 151

This file contains the model layer.
It uses Mongoose to connect to MongoDB.
It contains the 4 functions implementing the CRUD operations and exports these functions to make them available for use outside this file

Answer 151

model.js

Question 152

This file includes our Express code and implements the route handlers.
It imports movies_model.mjs and the route handlers call the relevant functions in movies_model.mjs.

Answer 152

controller.js

Question 153

Create Operation in the Model

Answer 153

createMovie = async (title, year, language) => {
      // Call the constructor to create an instance of the model class Movie
      const movie = new Movie({ title: title, year: year, language: language });
      // Call save to persist this object as a document in MongoDB
      return movie.save();
  }

Question 154

Retrieve Operation

Answer 154

findMovies = async (filter, projection, limit) => {
      const query = Movie.find(filter)
          .select(projection)
          .limit(limit);
      return query.exec();
  }

Question 155

___ is a parameter used to match documents. Mongoose converts the ___into a Boolean condition and checks this condition on each document.
If the condition evaluates to false for a document, then it will not be included in the result. If this parameter is not provided, it defaults to an empty condition which evaluates to true for every document in the collection.

Answer 155

filter

Question 156

In mongoose, A space-separated list of the properties of the document which we want to be included in the result. If it is not provided, all properties of the document are included.

Answer 156

projection

Question 157

In mongoose, This parameter allows further tailoring of what the result should look like.

Answer 157

options

Question 158

Update Operation

Answer 158

replaceMovie = async (id, title, year, language) => {
      const result = await Movie.replaceOne({ _id: id }, { title: title, year: year, language: language });
      return result.nModified;
  }

Question 159

Delete Operation

Answer 159

deleteById = async (id) => {
      const result = await Movie.deleteOne({ _id: id });.
      return result.deletedCount;
  }

Question 160

In Mongoose, We can require that the result of query contains ONLY those documents that match all of the specified conditions by calling the and method on a query with an array containing all the filters we want to apply on the documents. Note that if the array is empty then all the documents will match the query.

Answer 160

and

query.and(filters);

Question 161

In Mongoose, We can require that the result of query contains only those documents that match ANY of the specified conditions by calling the or method on a query with an array containing all the filters we want to apply on the documents. Note that if the array is empty then all the documents will match the query.

Answer 161

or

  query.or(filters);

Question 162

While the POST method is used for create operations, the HTTP ___method is used for update operations. A prescribed use of the ___method is for HTTP requests in which a resource is completely replaced by the data in the HTTP request with the ___method.

Answer 162

PUT

Question 163

The prescribed use of the ___ method is for partial updates of a resource, unlike PUT which is used for completely replacing the resource.

Answer 163

PATCH

Question 164

The prescribed use of the ___ method is to delete a resource.

Answer 164

DELETE

Question 165

the ___ method is not related to CRUD operations. The ___method is similar to GET in that it requests a resource for retrieval. However, the response to a request using the ___method does not include the resource, but only includes the status line and the HTTP response headers. This is used by clients, such as browsers, to determine if the resource in their cache is still fresh, or should they now issue a GET request for the resource.

Answer 165

HEAD

Question 166

The term ___ is used for the combination of a URL and an HTTP method. Two requests that have the same URL, but different HTTP methods, are considered two different ___. In Express it is simple to define routes based on the combination of a URL and HTTP method.

Answer 166

endpoint

Question 167

___ are used by the client and the server to pass additional information about the HTTP request or the HTTP response.

Answer 167

HTTP headers

Question 168

when an HTTP response contains body, the client needs to know how to interpret these bytes send by the server. This information is conveyed by using values from a standard called ___

Answer 168

Multipurpose Internet Mail Extensions or MIME type

Question 169

T or F: The typical structure of a MIME type is of the form type/subtype, i.e., two strings separated by a /.

Answer 169

True

Question 170

MIME: The ___indicates a general category. The __indicates the exact type of data within that category

Answer 170

type

subtype

Question 171

The ___ header is used in HTTP requests by a client to tell the server about the types of data the client can handle. In general, the value of the ___header is one or more MIME types separated by commas.

Answer 171

Accept

Question 172

The__ header can be used in both HTTP requests and HTTP responses. HTTP responses with a body include the ___ header to tell the client the MIME type of the body in the response.

Answer 172

Content-type

Question 173

T or F: The most common MIME type for POST bodies is application/x-www-form-urlencoded which is used when we submit a form with its action set to POST. This is also referred to as HTML form encoding or URL form encoding

Answer 173

True

Question 174

100-199:

Answer 174

Informational responses

Status codes in this category indicate that the request was received and the server is continuing to process it.

Question 175

200-299:

Answer 175

Successful responses

Question 176

200

Answer 176

OK

Question 177

201

Answer 177

Created

Question 178

204

Answer 178

No Content

Question 179

300-399:

Answer 179

Redirection

Question 180

Moved Permanently

Answer 180

301

Question 181

Found

temp moved

Answer 181

302

Question 182

See Other

server direct to another resource

Answer 182

303

Question 183

Not Modified

Answer 183

304

Question 184

400-499:

Answer 184

Client errors

Question 185

Bad Request

Answer 185

400

Question 186

Unauthorized

Answer 186

401

Question 187

Forbidden

Answer 187

403

Question 188

Not found on server

Answer 188

404

Question 189

500-599:

Answer 189

Server errors

Question 190

500

Answer 190

internal server error

Question 191

502

Answer 191

Bad Gateway

Question 192

503

Answer 192

Service Unavailable

Question 193

Reques Obj: This object contains the query parameters as name-value pairs.

Answer 193

req.query

Question 194

Reques Obj: This object contains the body of the request as name-value pairs.

Answer 194

req. body

app. use(express.urlencoded({extended: true}));

Question 195

Request Obj: This object contains all the request headers as key-value pairs, where the keys are the header names and values are the header values.

Answer 195

req.headers

for (const property in req.headers) {
console.log(${property}: ${req.headers[property]});
}

Question 196

Response object: We can set response headers using this method. However, typically we do not manually set any headers, except perhaps Content-Type.

Answer 196

res.type(type)

Question 197

Response object: A convenient method to set the Content-Type header instead of using res.set to set the header. By default, Express sets the content type in the response to text/html. But we can set the appropriate MIME type by using this method

Answer 197

res.type(type)

Question 198

Response object: By default, Express sets the status code to 200. If we want to set the status code to some other value, we can use this method.

Answer 198

res.status(code)

Question 199

Response object: Calling this method sends the response to the client with the response body set to the specified argument. However, if we are sending back JSON in the response body, we should use res.json.

Answer 199

res.send(body)

Question 200

Response object: This method sends back JSON to the client and sets the Content-Type header to application/json. Using this method, we can send any JSON value as the response body, including JSON arrays.

Answer 200

res.json(json)

Question 201

The HTTP protocol is ___. What this means is that when two requests are sent one after the other by the same user of a web app, HTTP does not maintain any information that links these two requests as coming from the same user. If we think about how we use various web applications this will seem problematic.

Answer 201

stateless

Question 202

Web apps overcome the statelessness of the HTTP protocol by using HTTP ___and HTTP __. This allows web apps to link different requests as coming from the same user.

Answer 202

cookies

sessions

Question 203

An HTTP ___ is a small piece of data that is created by a web server and sent to the user’s web browser for storage. The browser can send this HTTP ___in later requests to this web server thus identifying who this request is coming from.

Answer 203

cookie

Question 204

By linking together multiple requests from the same user, HTTP ___allow web apps to overcome the stateless nature of the HTTP protocol.

Answer 204

cookies

Question 205

When the server wants the client to store a cookie, the server sends the cookie in the response header containing the name-value pair for the cookie.

Answer 205

Set-Cookie

Question 206

Setting a cookie

Answer 206

res.cookie(‘language’, ‘English’)

Question 207

This option specifies the time in milliseconds the client should keep the cookie before deleting it. If this value is not specified, the cookie will be deleted when the browser is closed.

Answer 207

maxAge:

Question 208

Delete a cookie

Answer 208

E.g., res.clearCookie(‘language’) will delete the cookie named language.

Question 209

Get value of cookie

Answer 209

E.g., req.cookies.language will give the value of the cookie named language if that cookie was sent by the client. Otherwise, we will get the value undefined.

Question 210

To prevent tampering of a cookie’s value by the user, we can use ___cookies. If the value of a ___cookie has been tempered with, the cookie-parser will recognize this and the server will reject the value of the cookie

Answer 210

signed

Question 211

To use signed cookies, we need to provide a ___to the cookie parser middleware. The cookie parser middleware will then use this ___to sign the cookie.

Answer 211

secret

import cookieParser from ‘cookie-parser’;
app.use(cookieParser(‘sOme4rAnDom$tringCangohere’));

Question 212

Once the cookie parser has been set up with a secret, we can create signed cookies by passing the option {___} when setting the cookie:

Answer 212

signed: true

res. cookie(‘favorite_icecream’, ‘mintChocolateChip’, {signed: true });

Question 213

We obtain signed cookies, by using the property ___on the request object:

Answer 213

signedCookies

const favoriteIcecream = req.signedCookies.favorite_icecream;

Question 214

When a user logs in, the website creates a ___object on the server and sends a cookie with a unique identifier to the user. When subsequent requests contain a cookie with this unique ___ID, the website can link requests from this user and can store data relevant to this user’s interaction with the website in the ___object.

Answer 214

session

Question 215

The express-___ middleware takes a configuration object as a parameter.

Answer 215

session

Question 216

The string to be used to sign the cookie created for the session ID.

Answer 216

secret

Question 217

Options for the cookie to be created for the session ID.

Answer 217

cookie

Question 218

If this is not specified, the default name is connect.sid.

Answer 218

identifier

Question 219

The name of the cookie that will store the value of the unique session identifier. If this is not specified, the default name is connect.sid.

Answer 219

key

Question 220

By default, Express stores session objects in memory. This is called ___

Answer 220

memory store

Question 221

The path this cookie applies to.

Answer 221

path:

Question 222

The value true specifies that the cookie will only be sent over a secure, i.e., HTTPS, connection.

Answer 222

secure:

Question 223

The value true specifies that cookie should be signed, as explained later in this section.

Answer 223

signed:

Question 224

By default, Express stores session objects in memory. This is called ___

Answer 224

memory store

Question 225

The term ___ is used for an API that can be accessed using the HTTP protocol

Answer 225

web service

Question 226

___ download the HTML, CSS, and JavaScript for a web application from the web server to the browser exactly once. Once the web application is loaded into the browser, then JavaScript code makes changes to the DOM so that the user feels that they are navigating to a different page. After the initial bundle of files has been downloaded, the web app communicates with the server for various data operations, e.g., to fetch new data, or to update, create and delete data.

Answer 226

Single Page Applications (SPAs)

Question 227

In REST, A ___manages collections of resources. A ___should expose collections and resources to the clients using unique URLs. A ___should support CRUD operations by providing a set of HTTP methods as follows:

Answer 227

server

Question 228

In REST, The server should be __. Specifically, each HTTP request happens in isolation.

Answer 228

stateless

Question 229

T or F: an API is RESTful if the server used information from the previous request to service the next request from the client.

Answer 229

False, it is not restful

Question 230

___specifies a certain pattern of URLs to identify each collection and each resource within a collection. CRUD operations are carried out using specific HTTP methods and the server implementing a ___API should not maintain state about client requests.

Answer 230

REST

Question 231

___ is the measure of the quality of a user’s experience when interacting with a product or system

Answer 231

Usability

Question 232

Usability is a combination of factors that affect the user’s experience with a product or system, including:

Answer 232

1. Ease of Learning
2. Efficiency of use
3. Memorability
4. Error Frequency and severity
5. subjective satisfaction

Question 233

T or F: Usability is important for any product because if the users of the product cannot achieve their goals satisfactorily, they are likely to seek alternative products.

Answer 233

True

Question 234

T or F: Poor usability will NOT lead to wasted time, reduced productivity and increased frustrations, all of which have a negative impact on the organization.

Answer 234

False, it does

Question 235

____ is a methodical approach to producing a web app (or any product) that achieves its user’s goals while providing easy learnability, efficient use, memorability, error-free use and subjective satisfaction.

Answer 235

Usability engineering

Question 236

This is about the limit for a system to respond so that an interaction feels instantaneous to a user.

Answer 236

0.1 second

Question 237

This is about the limit for a user’s flow of thought to remain uninterrupted.
If the delay is longer than it, the user will consciously notice the delay.

Answer 237

1 second

Question 238

This is about the limit for keeping the user’s attention focused on the actions at hand.
If the delay is longer than it, the user will begin to think about other tasks.

Answer 238

10 seconds

Question 239

For shorter delays between ___ and ___ seconds, just displaying a busy cursor is sufficient.

Answer 239

2 and 10

Question 240

For delays longer than __ seconds, consider displaying a progress bar displaying percent-completion of the task. If there isn’t a way to determine percent-completion, displaying messages about the actions being done is helpful to the user.

Answer 240

10

Question 241

The number of levels a user has to traverse to get to the content of interest is termed ____ Level. As the ____ level goes up, it becomes more difficult for the users to return to a particular web page they had found interesting.

Answer 241

Content Depth

Question 242

When designing the user interface of a web app, we should consider the impact of different ___ devices on the user experience

Answer 242

input

Question 243

The goal of ___ is to uncover problems the users may encounter so that these problems can be fixed.

Answer 243

Usability Testing

Question 244

This testing is done by having the users perform a variety of tasks with a partial or complete implementation of the web app. The users’ interactions with the web app are recorded using a screen capture tool, e.g., Camtasia. Additionally, a webcam might be used see the users’ face and their words might be record.

Answer 244

Usability Testing

Question 245

Testing usability with a ____ is a cheap and practical way to test usability.

Answer 245

paper prototype

Question 246

___ is the property of a system to increase in size and capacity while continuing to achieve its functional and performance goals in a cost-effective manner.

Answer 246

Scalability

Question 247

3 important metrics of scalability

Answer 247

1. response time
2. throughput
3. reliability

Question 248

The time between sending a request and receiving a response.

For example, when a user creates a new movie in our example movie app, this is the time between them hitting the button to add the movie and receiving a response about the movie being added by the web app.

Answer 248

Response time

Question 249

The number of operations completed per unit time.

For example, if a web app completes 500 requests (from any number of web browsers) per second, then its throughput is 500 per second.

Answer 249

Throughput

Question 250

The percentage of operations successfully completed.

Answer 250

reliability

Question 251

Whenever a ____uses a very large amount of data, we should aim to move the ___ to the data, instead of moving the data to the ___.

Answer 251

computation

Question 252

Using this technique, in particular when interacting with the DBMS, is the most important thing we can do to build scalable apps.

Answer 252

Local computation

Question 253

Since communicating requests and responses over the internet is a major component of the response time of a web app, sending requests and responses with ___ size helps improve the performance and scalability of a web app

Answer 253

minimal

Question 254

When it comes to ____content, one technique to minimize the size of messages is by using a concise data format such as JSON instead of XML.

Answer 254

dynamically generated

Question 255

___ is a markup language similar to HTML in syntax. But it is more powerful than HTML and allows user-defined tags which can be used to define our own markup languages.

Answer 255

XML

Question 256

____means that after we fetch or compute some data, we save it so that we don’t have to fetch or compute it again.

Answer 256

Caching

Question 257

costs associated with caching.

Answer 257

A cache requires storage,

the cache needs to be managed.

Question 258

The browser app can act on the following HTTP response headers to decide when and how to cache static content:

Answer 258

1. Cache-Control or Expires header

2. Etag or Last-Modified header

Question 259

tells the browser whether the document should be cached, and using a max-age value tells the maximum time the document should be kept in the cache.

Answer 259

Cache-Control header

Question 260

specifies a specific expiration date and time for the document.

Answer 260

Expires header

Question 261

provides versioning information.

Answer 261

Etag Header

Question 262

specifies when the resource was last modified. considered a fallback to the etag header

Answer 262

Last-modified header

Question 263

two primary architectures for scaling a web app, scale-up or scale out.

Answer 263

1. Scale Up

2. Scale Out

Question 264

___ means expanding capacity by using a server machine that is more powerful, i.e., it has a faster CPU or more CPU cores, more memory, etc. ___ can work up to a certain point because there is a limit on how powerful a single server machine can be.

Answer 264

Scaling up

Question 265

____ means expanding capacity by adding more instances of the server.

Answer 265

Scaling out

Question 266

T or F: Scaling up is usually more cost-effective because instances can be added or removed as the loads goes up and down.

Answer 266

False, scale out

Question 267

T or F: Scaling out can also make the app more fault-tolerant. If one instance fails, the other instances can still process requests.

Answer 267

True

Question 268

T or F: As developers, we must write our apps keeping in the mind the possibility of scaling up.

Answer 268

False, scale out

Question 269

____ distribute work among them multiple web servers when handling requests for the same URL.

Answer 269

load balancers

Question 270

T or F: When developing apps that might use scaling out, we should not store any state in the web app.

Answer 270

True: The reason for this is that one request from the same user may be sent by the load balancer to one instance of the web server, while another request may be sent to another instance. If there is any state that is kept in the web app, then it will not be accessible when the request is routed to a different server

Question 271

T or F: To build scalable web apps, we must maintain state in local variables in our app.

Answer 271

False, we must NOT.

Instead, we should use persistent shared storage, such as a DBMS, to maintain state. This allows state to be shared correctly by multiple instances of our web app running on different web servers.

Question 272

Being able to verify the identity of the user.

A user has to provide some sort of credentials.

Answer 272

Authentication

Question 273

Deciding to give access to a service/resource to a user.

Answer 273

authorization

Question 274

3 key security objectives

Answer 274

1. confidentiality
2. integrity
3. availability

Question 275

___ involve inserting something into the web app code that doesn’t belong there.

Answer 275

Injection attacks

Question 276

5 major Web Security Concerns

Answer 276

1. Logging of URLs
2. Impersonation
3. Man-in-the-middle
4. Network Attacks
5. Injection Attacks