In a scenario where a cookie is used for authentication, what measures should be taken to enhance security?
- All of the above
- Encrypt the cookie data
- Store minimal information in the cookie
- Use HTTPS
To enhance security in cookie-based authentication, it's crucial to use HTTPS, store minimal information, and encrypt the cookie data.
ServletConfig is used to pass __________ to a specific servlet during initialization.
- configuration
- context
- parameters
- resources
ServletConfig is used to pass initialization parameters to a specific servlet during initialization.
The _________ method of HttpServletRequest is used to parse query parameters from the request URL.
- getParameter()
- getQueryParameters()
- parseQueryParameters()
- retrieveQuery()
The getParameter() method of HttpServletRequest is used to parse query parameters from the request URL.
How is ServletConfig initialized?
- Automatically by the container
- Using a configuration file
- Using constructor
- Using init() method
The ServletConfig is automatically initialized by the container. It provides configuration information to the servlet and can be obtained using the getServletConfig() method.
What is the difference between context parameters and initialization parameters in servlets?
- Context parameters are set at the application level, while initialization parameters are specific to a servlet.
- Context parameters are used for database connectivity, while initialization parameters are used for servlet configuration.
- Initialization parameters are set at the application level, while context parameters are specific to a servlet.
- Initialization parameters are used for database connectivity, while context parameters are used for servlet configuration.
Context parameters are set at the application level and are accessible to all servlets, while initialization parameters are specific to each servlet and are defined in the servlet's deployment descriptor (web.xml).
The response header 'Content-Disposition' with value 'attachment; filename="file.txt"' is set using the __________ method.
- addHeader()
- sendRedirect()
- setContentType()
- setHeader()
The setHeader() method is used to set response headers, including the 'Content-Disposition' for file downloads.
How can you securely send sensitive data from a client to a server in a web application?
- Encode data in Base64
- Send data in plain text
- Use HTTP with custom encryption
- Use HTTPS (SSL/TLS)
Sensitive data should be sent securely, and using HTTPS (SSL/TLS) ensures encrypted communication between the client and the server, providing a secure way to transmit sensitive information.
How are HTTP session cookies handled in servlets?
- Cookies are handled automatically by servlet containers.
- Cookies are managed using the Cookie class.
- Cookies are not supported in servlets.
- Cookies must be handled manually in the doGet() method.
In servlets, HTTP session cookies are typically managed using the Cookie class, allowing developers to handle cookie creation, retrieval, and manipulation programmatically.
How does the servlet container handle thread safety in the case of servlets?
- By creating a new thread for each request.
- By making the service() method synchronized.
- By using a single thread for all requests.
- Thread safety is the responsibility of the developer.
The servlet container handles thread safety by making the service() method synchronized to ensure that only one thread executes it at a time, preventing race conditions in shared resources.
What is the impact of calling request.getParameter() after request.getInputStream() or request.getReader() in a servlet?
- It will result in a compilation error.
- It will retrieve the parameter value successfully.
- It will return null.
- It will throw a runtime exception.
Calling request.getParameter() after request.getInputStream() or request.getReader() will return null because the input stream or reader can be consumed only once, and they might have already been read.