Random Flashcards
Recursion Parts
Understanding recursion means understanding the two cases, or expected output for a particular input, in a recursive function. These are known as the base case and recursive case.
The base case describes the situation where data passed into our function is processed without any additional recursion. When the base case is executed, the function runs once and ends. Since this results in the function stopping, we may also refer to this as the terminating case.
The recursive case, as the name suggests, is the situation where the function recurses. This represents the data state that causes a function to call itself. Without a recursive case, a function’s just another function!
recursive step - and added an action that moves us towards the base case.
Thread of Execution
we use the term thread of execution (thread for short) to describe a sequence of commands. A thread consists of well-ordered commands in the same way that a task may consist of multiple steps.
In single-threaded execution, only one command can be processed at a time.
In multi-threaded execution, multiple commands can be processed at the same time.
Call Stack
a structure that JavaScript uses to keep track of the evaluation of function calls. It uses the stack data structure.
when a function is called, a new frame is pushed onto the stack. when a function returns, the frame on the top of the stack is popped off the stack.
event loop
Along with the call stack, the event loop also consists of a message queue. While the call stack tracks the task that is currently in progress, the message queue keeps track of tasks that cannot be executed at this moment, but will be executed once the current task is finished. Events in JavaScript are handled asynchronously with callbacks. Like always, the events can be things such as a setTimeout expiring or the user clicking a button. The items stored on the message queue correspond to events that have occurred but have not yet been processed. The items stored on the queue are referred to as “messages”.
Why do we need asynchronous code?
When we request data from an external server over a network, we cannot predict when we will get receive a response back. The timing is susceptible to latency due to the amount of traffic on the network, the server being busy handling other requests, and much more.
When we expect a user to interact with our programs by hitting a key, clicking a button, or scrolling down the page, we can never be certain when they will perform those actions.
Cookie
A cookie is a small file stored on a user’s computer that holds a bite-sized amount of data, under 4KB. Cookies are included with HTTP requests. The server sends the data to a browser, where it’s typically stored and then sent back to the server on the next request.
Cookies are used to store stateful information about a user, such as their personal information, their browser habits or history, or form input information they have filled out. A common use case for cookies is storing a session cookie on user login/validation. Session cookies are lost once the browser window is closed. To make sure the cookie persists beyond the end of the session, you could set up a persistent cookie with a specified expiration date. A use case for a persistent cookie is an e-commerce website that tracks a user’s browsing or buying habits.
Web Storage API
Cookies used to be the only way to store data in the browser, but with HTML5 developers gained access to the Web Storage API, which includes localStorage and Session Storage. Here are the differences between the two, according to MDN:
sessionStorage:
Stores data only for a session, or until the browser window or tab is closed
Never transfers data to the server
Has a storage limit of 5MB (much larger than a cookie)
localStorage:
Stores data with no expiration date and is deleted when clearing the browser cache
Has the maximum storage limit in the browser (much larger than a cookie)
There are a few common use cases for Web storage. One is storing information about a shopping cart and the products in a user’s cart. Another is saving input data on forms. You could also use Web storage to store information about the user, such as their preferences or their buying habits. While we would normally use a cookie to store a user’s ID or a session ID after login, we could use localStorage to store extra information about the user.
Object-Oriented Programming (OOP)
is an approach or mindset for breaking down large, complex products into simple solutions. The smaller parts can then be implemented and tested separately to provide higher confidence in the overall solution.
The main concept behind OOP is the idea that you can group data and related actions or behaviors together in order to treat them as a single entity within a larger system.
An item containing data and behaviors is called an object.
The data parts are called properties or fields of the object.
The action parts are called methods of the object.
In this way, properties are like an object’s “adjectives”, and methods are its “verbs”.
One of the ways that OOP allows you to simplify is by moving common actions and properties together for sharing rather than copying and pasting into many places throughout your project.
Pillars of OOP:
Each object encapsulates its own properties and methods to describe itself and handle certain actions. Objects interact with each other through these properties and methods, WITHOUT the need to know HOW the actions are handled.
This consideration of how objects are similar is called “abstraction”. In some online materials, articles or books, you may find abstracted treated as a fourth pillar of OOP.
Just like human parents can pass on traits and behaviors to their children, classes can be written which pass along their properties and methods to other classes through the process of inheritance.
If you break it down you’ll see poly, which means “many”, and morph, which refers to “change”. So polymorphism in OOP is the idea that one method can have a different implementation even though it has the same name because the result is equivalent.
This is what polymorphism is all about! Accomplishing the same result (undesired mark no longer visible a.k.a. erase()) in another fashion by changing or “morphing” the implementation appropriately for each class
AJAX
Asynchronous JavaScript and XML
AJAX is a group of different technologies that work together to allow a website to communicate with a server in the background without requiring the website to reload in order to display new changes.
Specifically, the key difference with AJAX is that when a change happens, the server is no longer responsible for updating the HTML and then sending the entire HTML document back. Instead, the server would send back data about the change, either in an XML or JSON format, and the website could then process that data and update the DOM accordingly.
To be clear, there is no actual formal “AJAX engine” that lives in the browser. Rather, in this example, the “AJAX engine” is really just the JavaScript code (ie. the click event handler, invocations of the Fetch API, and any sort of DOM manipulation).
You’ve now learned each step of a typical AJAX flow. As a recap, it usually starts with an event on the client side that triggers an HTTP request to the server. In this case, we used the Fetch API to asynchronously interact with the server. When the server sent its response, the Fetch API resolved the promise, and the DOM was then updated to reflect the updated data.
Cross Site Request Forgery (CSRF).
using session cookie for real website to get through with fake hacked posts
One foundational strategy to prevent a CSRF attack would be to have your server render a secret token as part of the form. Then, when the form gets submitted, it checks for the secret token to verify that it actually came from a form that the server itself had rendered, and not from some other malicious source.
The csurf library creates a middleware function that does the following:
It creates a secret value, which is sent to the client and stored as a cookie named _csrf.
On every request for a form, a CSRF token is generated from that secret value. That CSRF token is then sent back to the client as part of the form in a hidden input field.
Whenever the client submits the form, the server checks the CSRF token that’s embedded in the form and verifies that it is a valid CSRF token by checking it against the secret _csrf value that was attached to the request as a cookie.
environment variable
Environment variables are application configuration related variables whose values change depending on the environment that the application is running in. Using environment variables allows you to change the behavior of your application by the environment that it’s running in without having to hard code values in your code.
Where else should you use environment variables? Anywhere that the behavior of your code needs to change based upon the environment that it’s running in. Environment variables are commonly used for:
Database connection settings (as you’ve just seen)
Server HTTP ports
Static file locations
API keys and secrets
For real life applications, there are usually several environments
Testing - An environment that’s used to test the application to ensure that recent changes don’t affect existing functionality and that new features meet the project’s requirements.
Staging - An environment that mirrors the production environment to ensure that nothing unexpected occurs before the application is deployed to production.
Production - The environment that serves end users. For applications that need to support a large number of users, the production environment can contain multiple servers (sometimes dozens or even hundreds of servers).
MVC
MVC is known as an architectural pattern, which embodies three parts Model, View and Controller, or to be more exact it divides the application into three logical parts: the model part, the view and the controller.
MVC is an architectural pattern which means it rules the whole architecture of the applications. Even though often it is known as design pattern but we may be wrong if we refer it only as a design pattern because design patterns are used to solve a specific technical problem, whereas architecture pattern is used for solving architectural problems, so it affects the entire architecture of our application.
Model
It is known as the lowest level which means it is responsible for maintaining data. Handle data logically so it basically deals with data. The model is actually connected to the database so anything you do with data. Adding or retrieving data is done in the model component. It responds to the controller requests because the controller never talks to the database by itself. The model talks to the database back and forth and then it gives the needed data to the controller. Note: the model never communicated with the view directly.
View
Data representation is done by the view component. It actually generates UI or user interface for the user. So at web applications when you think of the view component just think the Html/CSS part. Views are created by the data which is collected by the model component but these data aren’t taken directly but through the controller, so the view only speaks to the controller.
Controller
It’s known as the main man because the controller is the component that enables the interconnection between the views and the model so it acts as an intermediary. The controller doesn’t have to worry about handling data logic, it just tells the model what to do. After receiving data from the model it processes it and then it takes all that information it sends it to the view and explains how to represent to the user. Note: Views and models can not talk directly.
Advantages of MVC
- MVC architecture will separate the user interface from business logic and business logic
- Components are reusable.
- Easy o maintain.
- Different components of the application in MVC can be independently deployed and maintained.
- This architecture helpt to test components independently.
Disadvantages of MVC
- The complexity is high.
- Not suitable for small applications.
- The inefficiency of data access in view.
Go (AKA Golang)
A statically typed, compiled programming language designed at Google. Go is syntactically similar to C, but with memory safety, garbage collection, structural typing, and CSP-style concurrency.
Go was designed at Google in 2007 to improve programming productivity in an era of multicore, networked machines and large codebases. The designers wanted to address criticism of other languages in use at Google, but keep their useful characteristics:
static typing and run-time efficiency (like C),
readability and usability (like Python or JavaScript)
high-performance networking and multiprocessing