How can you securely send sensitive data from a client to a server in a web application?
- Encode data in Base64
- Send data in plain text
- Use HTTP with custom encryption
- Use HTTPS (SSL/TLS)
Sensitive data should be sent securely, and using HTTPS (SSL/TLS) ensures encrypted communication between the client and the server, providing a secure way to transmit sensitive information.
How are HTTP session cookies handled in servlets?
- Cookies are handled automatically by servlet containers.
- Cookies are managed using the Cookie class.
- Cookies are not supported in servlets.
- Cookies must be handled manually in the doGet() method.
In servlets, HTTP session cookies are typically managed using the Cookie class, allowing developers to handle cookie creation, retrieval, and manipulation programmatically.
How does the HttpOnly attribute enhance the security of a cookie?
- Allows the cookie to be modified by client-side scripts
- Enables the cookie to be accessed by JavaScript
- Prevents client-side scripts from accessing the cookie
- Restricts the cookie to HTTP connections
The HttpOnly attribute enhances cookie security by preventing client-side scripts from accessing the cookie. This helps mitigate the risk of cross-site scripting (XSS) attacks that aim to steal sensitive information from cookies.
To define the order of loading for servlets, the __________ element is used in the servlet configuration.
- load-on-startup
- load-order
- order-on-startup
- servlet-order
The load-on-startup element is used in the servlet configuration to define the order of loading for servlets.
The ________ method of the HttpServletRequest interface is used to obtain the session object in servlets.
- createSession()
- getSession()
- retrieveSession()
- startSession()
The getSession() method of the HttpServletRequest interface is used to obtain the session object in servlets.
What is the purpose of the tag in a web.xml file?
- Define servlet configuration
- Map servlet to URL pattern
- Specify servlet class
- Specify servlet name
The tag in the web.xml file is used to define the configuration of a servlet. It provides information such as the servlet name, servlet class, and other configuration details, allowing the servlet container to understand how to manage and handle the servlet during the application's lifecycle.
The _________ method of RequestDispatcher is used for including content of another resource in the response.
- execute()
- forward()
- include()
- sendRedirect()
The include() method of RequestDispatcher is used for including content of another resource in the response.
Servlets can be used to handle ______, while JSP is used for presenting these to the users.
- HTTP requests
- business logic
- database operations
- presentation
Servlets are commonly used for handling business logic, database operations, etc., while JSP is primarily used for presenting content to users.
A servlet needs to handle a file upload from a web form. Which HTTP method and content type should be used?
- DELETE with text/plain
- GET with application/x-www-form-urlencoded
- POST with multipart/form-data
- PUT with application/json
For handling file uploads, the appropriate combination is to use the POST method along with the multipart/form-data content type.
ServletContext allows servlets to __________ resources and information.
- access
- initialize
- restrict
- share
ServletContext allows servlets to share resources and information.