In a servlet's lifecycle, which method is responsible for responding to client requests?
- doGet()
- doPost()
- init()
- service()
The service() method in a servlet's lifecycle is responsible for responding to client requests. It delegates the request to the appropriate method (e.g., doGet() or doPost()).
In a web application, a servlet receives data, processes it, and then needs to display the results in a JSP page. Describe the optimal approach for this scenario.
- Include the JSP page using
- Set data as request attributes and use request.getRequestDispatcher().forward()
- Use JavaScript to fetch and display data in the JSP page
- Use response.sendRedirect() to navigate to the JSP page
The optimal approach is to set the processed data as request attributes and use request.getRequestDispatcher().forward() to forward the request to the JSP page. This ensures that the processed data is available in the JSP for rendering.
How does the HttpOnly attribute enhance the security of a cookie?
- Allows the cookie to be modified by client-side scripts
- Enables the cookie to be accessed by JavaScript
- Prevents client-side scripts from accessing the cookie
- Restricts the cookie to HTTP connections
The HttpOnly attribute enhances cookie security by preventing client-side scripts from accessing the cookie. This helps mitigate the risk of cross-site scripting (XSS) attacks that aim to steal sensitive information from cookies.
To define the order of loading for servlets, the __________ element is used in the servlet configuration.
- load-on-startup
- load-order
- order-on-startup
- servlet-order
The load-on-startup element is used in the servlet configuration to define the order of loading for servlets.
The ________ method of the HttpServletRequest interface is used to obtain the session object in servlets.
- createSession()
- getSession()
- retrieveSession()
- startSession()
The getSession() method of the HttpServletRequest interface is used to obtain the session object in servlets.
Which HTTP method is idempotent: GET or POST?
- DELETE
- GET
- POST
- PUT
The GET method is idempotent, meaning multiple identical requests have the same effect as a single request. This is because GET requests do not change the state on the server.
How can servlet initialization parameters be used effectively for database connectivity?
- By embedding database connection details directly in the servlet code.
- By relying on default database configurations provided by the servlet container.
- By storing database connection details as initialization parameters and retrieving them in the servlet's init() method.
- By using context parameters instead of initialization parameters for database connectivity.
Servlet initialization parameters can be used effectively for database connectivity by storing database connection details in the web.xml file and retrieving them in the servlet's init() method for establishing connections.
A cookie's security can be enhanced by setting the _________ flag, which prevents its access via JavaScript.
- HttpOnly
- Max-Age
- Path
- Secure
The HttpOnly flag enhances a cookie's security by preventing its access via JavaScript.
Which method in a filter is responsible for cleaning up resources when the filter is taken out of service?
- destroy()
- doFilter()
- filterInit()
- init()
The destroy() method is responsible for cleaning up resources when the filter is taken out of service.
When designing a servlet that handles sensitive data, which header should be set to secure the response?
- Access-Control-Allow-Origin, setHeader()
- Strict-Transport-Security, setHeader()
- X-Content-Type-Options, setHeader()
- X-Frame-Options, setHeader()
To secure the response when handling sensitive data, the Strict-Transport-Security header should be set using the setHeader() method in the HttpServletResponse.