How does the HttpOnly attribute enhance the security of a cookie?
- Allows the cookie to be modified by client-side scripts
- Enables the cookie to be accessed by JavaScript
- Prevents client-side scripts from accessing the cookie
- Restricts the cookie to HTTP connections
The HttpOnly attribute enhances cookie security by preventing client-side scripts from accessing the cookie. This helps mitigate the risk of cross-site scripting (XSS) attacks that aim to steal sensitive information from cookies.
To define the order of loading for servlets, the __________ element is used in the servlet configuration.
- load-on-startup
- load-order
- order-on-startup
- servlet-order
The load-on-startup element is used in the servlet configuration to define the order of loading for servlets.
The ________ method of the HttpServletRequest interface is used to obtain the session object in servlets.
- createSession()
- getSession()
- retrieveSession()
- startSession()
The getSession() method of the HttpServletRequest interface is used to obtain the session object in servlets.
What is the purpose of the tag in a web.xml file?
- Define servlet configuration
- Map servlet to URL pattern
- Specify servlet class
- Specify servlet name
The tag in the web.xml file is used to define the configuration of a servlet. It provides information such as the servlet name, servlet class, and other configuration details, allowing the servlet container to understand how to manage and handle the servlet during the application's lifecycle.
The _________ method of RequestDispatcher is used for including content of another resource in the response.
- execute()
- forward()
- include()
- sendRedirect()
The include() method of RequestDispatcher is used for including content of another resource in the response.
Servlets can be used to handle ______, while JSP is used for presenting these to the users.
- HTTP requests
- business logic
- database operations
- presentation
Servlets are commonly used for handling business logic, database operations, etc., while JSP is primarily used for presenting content to users.
A servlet needs to handle a file upload from a web form. Which HTTP method and content type should be used?
- DELETE with text/plain
- GET with application/x-www-form-urlencoded
- POST with multipart/form-data
- PUT with application/json
For handling file uploads, the appropriate combination is to use the POST method along with the multipart/form-data content type.
ServletContext allows servlets to __________ resources and information.
- access
- initialize
- restrict
- share
ServletContext allows servlets to share resources and information.
How does the servlet container handle thread safety in the case of servlets?
- By creating a new thread for each request.
- By making the service() method synchronized.
- By using a single thread for all requests.
- Thread safety is the responsibility of the developer.
The servlet container handles thread safety by making the service() method synchronized to ensure that only one thread executes it at a time, preventing race conditions in shared resources.
What is the impact of calling request.getParameter() after request.getInputStream() or request.getReader() in a servlet?
- It will result in a compilation error.
- It will retrieve the parameter value successfully.
- It will return null.
- It will throw a runtime exception.
Calling request.getParameter() after request.getInputStream() or request.getReader() will return null because the input stream or reader can be consumed only once, and they might have already been read.