General Knowledge Flashcards
What is a server ?
A server is a computer program or a device that provides functionality for other programs or devices, called “clients”.
Servers can provide various functionalities, often called “services”, such as sharing data or resources among multiple clients, or performing computation for a client.
Servers are used to host web pages, applications, images, fonts, and much more.
Typical servers are database servers, file servers, mail servers, print servers, web servers, game servers, and application servers.
What is the response header Access-Control-Allow-Origin ?
It indicates whether the response can be shared with requesting code from the given origin.
Access-Control-Allow-Origin: * # For requests without credentials, the literal value "*" can be specified, as a wildcard;
Access-Control-Allow-Origin: <origin> # Specifies an origin. Only a single origin can be specified.
Access-Control-Allow-Origin: null
What is same-origin policy ?
A very restrictive policy. A document (like a web page) hosted on server A can only interact with other documents that are also on server A. In short, the same-origin policy enforces that documents that interact with each other have the same origin.
example:
http://www.example.com/foo-bar.html => URL1
If you used a web browser to navigate from URL1 to http://www.example.com/hello-world.html, you would be allowed to do so because the protocol (http), host (example.com), and port (80, the default port) of each URL match one another.
However, navigating to https://www.en.example.com/hello.html from URL1 would not be allowed because of the different protocol (HTTPS) and host (en.example.com).
What is a security policy ?
When you use a web browser, you are likely attempting to access a distinct website (hosted on a server). Websites often request these hosted resources from different locations (servers) on the internet. Security policies on servers mitigate the risks associated with requesting assets hosted on a different server.
Security policies:
- same-origin
- cross-origin
What is an origin made up of ?
An origin is made up of the following three parts:
- protocol
- host
- port number
What is a cross-origin policy (CORS) ?
It has evolved into Cross-Origin Resource Sharing (CORS).
A request for a resource (like an image or a font) outside of the origin.
example:
http://www.example.com/foo-bar.html => URL1
Unlike same-origin, navigating to https://www.en.example.com/hello.html from URL1 could be allowed with CORS. Allowing cross-origin requests is helpful, as many websites today load resources from different places on the Internet (stylesheets, scripts, images, and more).
https://www.codecademy.com/articles/what-is-cors
Why is the CORS security policy necessary ?
It allows servers to specify not just who can access their assets, but also how the assets can be accessed.
Cross-origin requests are made using the standard HTTP request methods.
Most servers will allow GET requests, meaning they will allow resources from external origins (say, a web page) to read their assets. HTTP request methods like PATCH, PUT, or DELETE, however, may be denied to prevent malicious behavior.
What is an HTTP Header ?
It is a piece of information associated with a request or a response. Headers are passed back and forth between your web browser (also referred to as a client) and a server when the web page you are on wants to use resources hosted on a different server.
Headers are used to describe requests and responses.
How does the CORS standard manage cross-origin requests ?
By adding new HTTP headers to the standard list of headers.
The following are the new HTTP headers added by the CORS standard:
- Access-Control-Allow-Origin
- Access-Control-Allow-Credentials
- Access-Control-Allow-Headers
- Access-Control-Expose-Headers
- Access-Control-Max-Age
- Access-Control-Request-Headers
- Access-Control-Request-Method
- Origin
What is the header Access-Control-Allow-Origin ?
It allows servers to specify how their resources are shared with external domains.
What is memoization ?
It is an optimization technique used primarily to speed up computer programs by storing the results of expensive function calls and returning the cached result when the same inputs occur again.
In other words, memoization is the programmatic practice of making long recursive/iterative functions run much faster by caching the values that the function returns after its initial execution.
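function memo(func) {
  var cache = {}; // maps serialized arguments to previously computed results
  return function () {
    var key = JSON.stringify(arguments);
    // Own-property check so cached falsy results (0, false, "") still count as hits
    if (Object.prototype.hasOwnProperty.call(cache, key)) {
      console.log(cache);
      return cache[key];
    } else {
      var val = func.apply(null, arguments); // declared locally instead of leaking a global
      cache[key] = val;
      return val;
    }
  };
}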
Example of a factorial function.
factorial(51) = factorial(50) * 51
factorial(51) = 51 * 50 * 49 * … * 2 * 1
Wouldn’t it be cool if somehow our factorial function could remember the values from its previous calculations and use them to speed up the execution ?
Here comes memoization, a way for our function to remember (cache) the results.