Common front-end basic interview questions (HTML, CSS, JS) (7)

Same Origin Policy

Browsers have an important security policy called the same-origin policy

Among them, the protocol , port number , and domain name must be consistent, which is called the same source, and the two sources are different, which is called cross-origin or cross-domain

The same-origin policy means that if the source of the page is inconsistent with the source loaded during the running of the page, for security reasons, the browser will impose some restrictions on cross-domain resource access

How to solve the crossing problem

• jsonp( scriptImplementation by exploiting the vulnerability that tags do not have cross-domain restrictions. Disadvantage: only supports GETrequests)
• CORS(Settings Access-Control-Allow-Origin: Specify the domain name of the accessible resource
• Nodemiddleware proxy
• Nginxreverse proxy

Talk about your understanding of TCP three-way handshake and four-way wave

The TCP protocol establishes a reliable point-to-point connection through a three-way handshake. The specific process is:

First, the server enters the listening state, and then the connection can be processed

1. The first handshake: When the connection is established, the client sends a syn packet to the server, and enters the SYN_SENT state, waiting for the server to confirm. An initial sequence number seq will also be included in the sent packet. The meaning of this handshake is that the client wants to establish a connection with the server.

2. The second handshake: the server receives the syn packet, and then responds to the client with a SYN+ACK packet, and the server enters the SYN_RCVD state. The meaning of this handshake is that the server responds to the client, indicating that it has received and agreed to the client's connection request.

3. The third handshake: After receiving the SYN packet from the server, the client sends an ACK packet to the server again and enters the ESTAB_LISHED state.

Finally, the server receives the ACK packet from the client, and enters the ESTAB_LISHED state. So far, the connection is established

When the connection needs to be closed, four waves are required to close

1. The client sends a FIN packet to the server, indicating that the client actively wants to close the connection, and then enters the FIN_WAIT_1 state, waiting for the server to return an ACK packet. After that, Client can no longer send data to Server, but can read data.

2. After receiving the FIN packet, the Server sends an ACK packet to the Client, and then enters the CLOSE_WAIT state. After that, the Server can no longer read data, but can continue to send data to the Client.

3. Client enters FIN_WAIT_2 state after receiving ACK packet returned by Server, waiting for Server to send FIN packet.

4. After the server finishes sending the data, it sends the FIN packet to the client, and then enters the LAST_ACK state, waiting for the client to return the ACK packet. After that, the server can neither read nor send data.

5. After receiving the FIN packet, the Client sends an ACK packet to the Server, then enters the TIME_WAIT state, waits for a long enough time (2MSL) to ensure that the Server receives the ACK packet, and finally returns to the CLOSED state to release network resources.

6. After receiving the ACK packet returned by the Client, the Server returns to the CLOSED state to release network resources.