In the http module, the ______ method of the response object is used to write a chunk of the response body.
- send
- write
- respond
In the http module, the write method of the response object is used to write a chunk of the response body. This method is typically used in scenarios where you want to stream data to the client as it becomes available, such as when serving large files.
Closures can be used to create ________ functions, which can maintain their own state independently.
- anonymous
- arrow
- stateful
- pure
Closures can be used to create stateful functions. These functions can maintain their own state independently because they have access to the variables in their containing closure. This allows them to remember data across multiple function calls.
How can you enable CORS for specific domains in your Node.js application?
- Use the 'Access-Control-Allow-Origin' header
- Set 'CORS: true' in the application settings
- Use the 'enableCORS()' function
- CORS is enabled by default in Node.js
To enable CORS (Cross-Origin Resource Sharing) for specific domains in a Node.js application, you should use the 'Access-Control-Allow-Origin' header in your HTTP response. This header specifies which domains are allowed to access your resources. The other options are not the correct way to enable CORS.
What will happen to the devDependencies when you run npm install --production?
- DevDependencies will be installed in the production environment.
- DevDependencies will be ignored, and only regular dependencies will be installed.
- DevDependencies will be removed from the project.
- DevDependencies will throw an error during installation.
When you run npm install --production, devDependencies are ignored, and only regular dependencies are installed. This is useful to ensure that development-specific packages don't bloat the production build.
You are tasked with creating a user dashboard using EJS where user-specific data needs to be displayed. How would you securely pass user data from the server to the EJS template and ensure that it is correctly escaped to prevent XSS attacks?
- Use the render method with EJS and sanitize user data with a library like DOMPurify before rendering.
- Use plain JavaScript to inject user data directly into the template without any sanitization.
- Use the res.send method to send user data as JSON and then use JavaScript in the template to render it.
- Pass user data as a query parameter in the URL and retrieve it in the template with JavaScript.
To securely pass user data from the server to the EJS template and prevent XSS attacks, it's essential to use the render method with EJS and sanitize user data with a library like DOMPurify before rendering. This ensures that any potentially harmful user input is properly sanitized, reducing the risk of XSS vulnerabilities.
You are working on optimizing a web application that has a high First Contentful Paint (FCP) time. Which strategies would be effective in reducing the FCP time without compromising the functionality of the application?
- Implement lazy loading for images and assets
- Reduce server-side rendering (SSR)
- Increase the number of third-party scripts
- Enable heavy client-side processing
To reduce the FCP time, implementing lazy loading for images and assets is an effective strategy. This defers the loading of non-essential resources until they are needed, allowing the critical content to load quickly. Increasing the number of third-party scripts and enabling heavy client-side processing can actually increase FCP time and should be avoided. Reducing SSR might be suitable depending on your application's specific needs.
You are designing a library to manage multiple user sessions in a web application. How can closures be efficiently used to manage individual session states securely?
- Store session data in global variables
- Use closures to encapsulate session data within functions
- Use cookies to store session data
- Use session variables provided by the web framework
Closures in JavaScript can be used to encapsulate session data within functions, providing a secure and isolated way to manage individual session states. Storing session data in global variables (option a) is not secure and can lead to data leakage. Using cookies (option c) is a separate technique for session management, and session variables provided by a web framework (option d) are framework-specific and may not utilize closures.
How does the main field in the package.json file affect the behavior of a Node.js module when it is required by another module?
- It specifies the author of the module.
- It defines the entry point of the module.
- It sets the module's version number.
- It determines the module's dependencies.
The main field in package.json specifies the entry point of a Node.js module. When another module requires it, Node.js uses this entry point as the starting point to load and execute the module's code. It helps in organizing and accessing the module's functionality.
How can developers manage access and permissions for their published NPM package?
- npm lock
- npm manage
- npm publish access
- npm access
Developers can manage access and permissions for their published NPM package using the npm access command. This command allows them to set permissions for specific users or teams, control who can publish new versions, and more. The other options do not provide the necessary functionality for managing package access and permissions.
Which Node.js feature can help in improving the performance of CPU-bound tasks?
- Event Loop
- Callback Hell
- Cluster Module
- Promises
The Cluster Module in Node.js allows you to create child processes and distribute CPU-bound tasks across multiple cores, thus improving performance. The Event Loop and Promises are more related to handling I/O-bound operations and asynchronous programming, while "Callback Hell" is not a Node.js feature.