Computer Science 571 2nd Exam Prof. , December 8, 2016, 6:00pm – 7:20pm
Name: Student ID Number:
1. This is a closed book exam.
2. Please answer all questions on the test
Copyright By PowCoder代写 加微信 powcoder
JSON Question [10 pts]
The REST Flickr Service includes a “getRecent” API, flickr.photos.getRecent, which returns a list of the latest public photos uploaded to flickr. It is defined as follows:
flickr.photos.getRecent
Returns a list of the latest public photos uploaded to flickr.
Authentication
This method does not require authentication.
api_key (Required)
Your API application key.
extras (Optional)
A comma-delimited list of extra information to fetch for each returned record. Currently
supported fields are: license, date_upload, date_taken, owner_name,
icon_server, original_format, last_update, geo, tags, machine_tags,
o_dims, views, media, path_alias, url_sq, url_t, url_s, url_m, url_o
per_page (Optional)
Number of photos to return per page. If this argument is omitted, it defaults to 100.
The maximum allowed value is 500.
page (Optional)
The page of results to return. If this argument is omitted, it defaults to 1.
A sample XML REST call is shown below:
http://api.flickr.com/services/rest/?method=flickr.photos.getRecent&api_key=62 6cf9c993df85b49d193b9645fd2c0d
When the format is XML (the default), the following is an example of the data returned:
When the “format=JSON”, a JSONP response is returned. A sample JSON REST call is shown below:
A sample XML REST call is shown below: http://api.flickr.com/services/rest/?method=flickr.photos.getRecent&api_key=626cf9c993df85 b49d193b9645fd2c0d&format=json
Please fill in the missing JSON code that duplicates the XML result above:
jsonFlickrApi({“photos”:{“page”:1, “pages”:100,
“perpage”:2, “total”:200,
}, “stat”:”ok”})
Web Performance Questions [10 pts]
List any 3 rules out of the 14 rules for faster Web pages from that help speed up delivery of HTML.
Speed Up HTML (3 points):
List 3 ways to reduce the number of HTTP requests.
Reduce HTTP requests (3 points):
List 4 headers that can help to improve caching.
Improve Caching (4 points):
JavaScript + AJAX Questions [10 pts]
Below is the source code that generated the web page above. There are two links on the page. The first one causes a text file to be displayed in the page beneath the links. The second link causes an XML file to be displayed in the same place.
Request a text file
Request an XML file
Below is the JavaScript source that was imported into the HTML above, but some of the lines are missing, replaced by XXXXXXXs. Fill in the missing lines on the answer sheet. Each line is worth 1 point.
window.onload = XXXXXXXX1; var xhr = false;
function initAll() { document.getElementById(“makeTextRequest”).onclick = getNewFile; document.getElementById(“makeXMLRequest”).onclick = getNewFile;}
function getNewFile() { makeRequest(this.href); return false;}
function makeRequest(url) { if (XXXXXXXX2) {
xhr = new XMLHttpRequest();} else { if (window.ActiveXObject) {
try { xhr = new ActiveXObject(“Microsoft.XMLHTTP”); } catch (e) { }
}} if (xhr) {
xhr.onreadystatechange = XXXXXXXX3;
xhr.open(“GET”, url, XXXXXXXX4);
xhr.send(null); } else {
document.getElementById(“XXXXXXXX5”). XXXXXXXX6 = “Sorry, but I couldn’t create an XMLHttpRequest”;
function showContents() {
if (xhr.readyState == 4) {
if (xhr.status == 200) { var outMsg = (
xhr.responseXML && xhr.responseXML.XXXXXXXX7==”text/xml”) ?
xhr.responseXML.getElementsByTagName(“choices”)[0].textContent : xhr.responseText;
var outMsg = “There was a problem with the request ” +
xhr.status; }
document.getElementById(“XXXXXXXX8”). XXXXXXXX9 = XXXXXXXX10;
HTML5 Questions [10 pts]
Each question is worth 2 points. Note that there is no partial credit for any of these questions.
Q1: Name 4 types of video “containers”? A1:
Q2: Which of the following are new in HTML5?
[ ] video and audio support [ ] graphics support
[ ] local storage
[ ] plugin support
[ ] session storage
[ ] SQL support
[ ] Geocoding support
[ ] Sectioning elements
[ ] Forms validation
[ ] CSS3 support
[ ] Offline Support
[ ] ALL OF THE ABOVE
Q3: What happened to the HTML 4.01 elements
Q4: Name 4 Audio Codecs
Q5: If you needed to make sure that your video files could be viewed on the large majority of desktop browsers and all mobile devices, what two (2) video containers would you pick?
Web Security Questions [10 pts]
Each question is worth 2 points.
Q1: What does the TOR network provide?
Q2: What do PGP and S/MIME provide?
Q3: What software library is vulnerable to the Heartbleed Bug? A3:
Q4: What type of attack is Stuxnet?
Q5: Name one of the most recommended way to generate strong passwords? A5:
JQuery Questions [10 pts]
Q1: This code is an example of what selector?
var elementCount = $(“*”).css(“border”, “3px solid red” ).length;
Q2: This code an example of what selector category? $(“div:contains(‘John’)”).css( “text-decoration”, “underline” );
Q3: [This question is worth 6 points] Consider the following example without JQuery:
function handleAllTags() { var arrayOfDocFonts;
if (document.all || document.getElementById)
{ arrayOfDocFonts = document.getElementsByTagName(“font”); }
else { document.write(“Unrecognized Browser Detected”); } alert(“Number of font tags in this document are ” +
arrayOfDocFonts.length + “.”); }
A3: Rewrite it using JQuery.
$(function() { // when document is ready // when countTags is clicked,
// alert the number of font tags in the HTML alert(“Number of font tags in this document are ”
JavaScript Frameworks Questions [10 pts]
Q1: Name a JavaScript runtime, built on Chrome V8 and that uses an event-driven, non- blocking I/O model?
Q2: Complete the missing code in the Angular instantiation below:
var app = angular.module(“myApp”, []);
app.controller(“XXXXXXXXX1″, function($scope,$http) {
$scope.topic = “CSCI 571”;
Q3: Which of the following is true in AngularJS?
[ ] A module defines an application
[ ] A module is a container for controllers [ ] Controllers always belong to a module [ ] Filter sorts the rows in the model
[ ] ng-repeat works like a for loop
[ ] $http holds the HTTP request handler [ ] ALL OF THE ABOVE
Q4: Which of the following are Angular directives?
[ ] ng-app
[ ] ng-controller
[ ] ng-bind
[ ] ng-init
[ ] ng-model
[ ] ng-class
[ ] ng-repeat
[ ] ng-form
[ ] ALL OF THE ABOVE
Q5: What library is this code using and for what kind of layout?
Cookies and Privacy Questions [10 pts]
Assuming we already know the elements of a cookie, define the following three terms.
Q1: Define a Session cookie (2 pts) A1:
Q2: Define a Persistent cookie (2 pts) A2:
Q3: Define a Third-party cookie (2 pts) A3:
Q4: Below are two functions for manipulating cookies, createCookie and readCookie. Some of the code in readCookie has been removed. Complete the missing code. (4 pts)
function createCookie(name,value,days) { if (days) {
var date = new Date();
date.setTime(date.getTime()+(days*24*60*60*1000)); var expires = “; expires=”+date.toGMTString();
else var expires = “”;
document.cookie = name+”=”+value+expires+”; path=/”;
function readCookie(name) { var nameEQ = name + “=”;
var ca = document.cookie.split(‘;’); for (var i=0;i < ca.XXXXXXXX1;i++) {
var c = ca[i];
while (c.XXXXXXXX2(0)==' ') c = c.substring(1,c.length);
if (c.XXXXXXXX3(nameEQ) == 0) return
c.XXXXXXXX4(nameEQ.length,c.length);
return null; }
function eraseCookie(name) { createCookie(name,"",-1);
Lynda.com Questions [10 pts]
Q1: What attack is this code an example of?
var user_list = <%= @users.to_json %>;
email = alert(‘Gotcha!’); //”
Q2: What attack is this code an example of?
Q3: What attack is this code an example of?
SELECT * FROM users
WHERE username = ‘${username}’ AND Password = ‘${password}’;
username= “jsmith” OR 1 = 1; —-“ password = “blank”
SELECT * FROM user
WHERE username = ‘jsmith’ OR 1 = 1; —-‘ AND Password = ‘blank’;
Q4: What attack is this code an example of?
http://yoursite.com?SESSIONID=AG88HNG96BGF985
Q5: What does the following code represent?
media=”screen and (min-width: 960px), screen and (orientation: landscape”
Secure Web Communication (Web Server Performance) Questions [10 pts]
Each question is worth 2 points. There is no partial credit.
Q1: In Public Key Encryption, who generates the keys used for “privacy”? A1:
Q2: Why the RSA algorithm cannot be used for encrypting data on Web? A2:
Q3: List one of the major difference between a “bulk cypher” and RSA? A3:
Q4: List two well-known cryptographic hash functions A4:
Q5: Complete the following statements. In SSL,
Authentication of both parties is done using “ Message integrity is accomplished using “
程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com