1 three-way handshake
The client by sending a SYN to the server to create an open initiative, as part of a three-way handshake. The number setting this client is connected to the random number A.
The server should be a legitimate SYN sent back a SYN / ACK. ACK confirmation code should be A + 1, SYN / ACK packet itself have a random number B.
Finally, the client then transmits an ACK. When the service by the end of this ACK, to complete the three-way handshake, and enter the connected state is created. At this time, the packet sequence number is set to the received acknowledgment number A + 1, and the response compared to B + 1.
2 Four waving
NOTE: The interrupt may be a client connection, the server may be the following example only the client disconnects, and vice versa.
The client sends a data segment, wherein the FIN flag is set to 1. The client enters the FIN-WAIT state. The client receives the data only in this state, no longer sends data
server receives a data segment with the FIN = 1 transmitting the data segment with the remaining ACK = 1, the client to acknowledge receipt of the FIN information
server wait until all data transfers, the client sends a FIN segment with a data = 1, and into CLOSE- wAIT state waiting for client to the packet with the acknowledgment ACK = 1.
the client sent from the server receives packets with FIN = 1, the process returns acknowledgment packet ACK = 1, in order to prevent the server does not receive retransmission is required, enter the TIME-wAIT state to close the connection after the server receives the client packet has been received since 2MSL wait reply is considered successful closure server, the client connection is closed...
illustration: HTTP: //blog.csdn. net / whuslei / article / details / 6667471
3 ARP protocol
ARP (Address Resolution Protocol), which is a basic function of the target device through the IP address, destination MAC address queries to ensure smooth communication. It is essential IPv4 network layer protocol, however, no longer applies in the IPv6, and neighbor discovery protocol (NDP) replaced.
The difference between 4 urllib and urllib2
The interviewer does ask, then answer urllib2 Post and urllib can not.
urllib urlencode provided a method for generating a GET query string, but without urllib2. This is the reason why urllib and urllib2 often used together.
urllib2 acceptable instance of a class to set the Request headers URL request, urllib may only be accepted URL. This means that you can not disguise your User Agent string and so on.
5 Post and Get
GET and POST What is the difference? And why most of the answers are wrong online know almost answered
get: RFC 2616 - Hypertext Transfer Protocol – HTTP/1.1 post: RFC 2616 - Hypertext Transfer Protocol – HTTP/1.1
6 Cookie和Session
Cookie Session
storage location of the client server-side
tracking purposes session, you can also save user preference settings or saved user name and password and other trace session
security unsafe security
session is to use technology to the cookie, session was the result of technology, mainly for safety .
The difference between 7 apache and nginx
apache nginx relative advantages:
Lightweight, also from the web service, uses less memory than apache and resources to
anti-concurrent, nginx is handling asynchronous non-blocking request, support more concurrent connections, and apache is obstructive, and under high concurrency in nginx low resource consumption to maintain high performance
configuration simple and
highly modular design, the preparation is relatively simple modules
community activists
apache nginx relative advantages:
rewrite, rewrite powerful than the nginx
module over more basic thought can be found
little bug, the bug nginx relatively large
ultra-stable
8 site users to save passwords
Expressly preserved
after storage plaintext hash, such as MD5
the MD5 + Salt embodiment, the salt can randomly
know almost used Bcrypy (if) encryption
9 HTTP and HTTPS
Status code definitions
1xx report request is received, the process continues
2xx successful step successfully received, understood, and accepted
3xx redirection order to complete the request, you must take further measures
4xx client errors include wrong order or request can not be completed
5xx server error Server unable to complete an apparently valid request
403: Forbidden 404: not Found
HTTPS handshake, symmetric encryption, asymmetric encryption, TLS / SSL, RSA
10 XSRF and XSS
CSRF (Cross-site request forgery) CSRF
XSS (Cross Site Scripting) cross-site scripting attacks
CSRF focused on request, XSS focus in the script
11 idempotent Idempotence
Idempotent HTTP method refers to a resource request from a plurality of times and should have the same side effects. (Note that a side effect)
GET http://www.bank.com/account/123456, does not change the state of resources, regardless of call once or N times without side effects. Please note that the emphasis here is N times once and have the same side effects, but not the same result each time the GET. GET http://www.news.com/latest-news this HTTP request might get different results each time, but it itself does not produce any side effects, so it is to meet the idempotent nature.
DELETE method for deleting resources, it has side effects, but it should meet idempotency. For example: DELETE http://www.forum.com/article/4231, called once, and the N-th side effects generated by the system is the same, namely to delete the message id of 4231; therefore, the caller can be called multiple times or refresh page without having to worry cause errors.
POST corresponding URI is not created its own resources, but the resources of the recipient. For example: POST http://www.forum.com/articles semantics is to create a post in http://www.forum.com/articles, HTTP response should include the creation of posts and status URI posts. Two identical POST request creates two resources on the server side, they have the URI different; therefore, the method does not have the POST idempotent.
PUT corresponding URI is to create or update the resource itself. For example: PUT http://www.forum/articles/4231 semantics is to create or update the post with ID 4231. PUT several times to the same side and once PUT URI are identical; thus, PUT method idempotent.
12 RESTful architecture (SOAP, RPC)
Recommended: http://www.ruanyifeng.com/blog/2011/09/restful.html
13 SOAP
SOAP (originally Simple Object Access Protocol first letter of the abbreviation, Simple Object Access Protocol) is a protocol specification for exchanging data, the use of the computer network of Web services (web service), the band structure of the exchange of information. To simplify the SOAP web server (Web Server) when extracting data from XML database, to save formatted in accordance with the HTTP protocol, perform XML data interchange format between the pages of time to comply, and different applications, so abstract in language, platform and hardware.
14 RPC
RPC (Remote Procedure Call Protocol) - remote procedure call protocol, which is a request for service from a remote computer through a network, without the need to understand the underlying network protocol technology. RPC protocol is assumed that there is some transmission protocols, such as TCP or UDP, this is the communication between information carrying program data. In the OSI model, network communications, RPC across the transport layer and application layer. RPC allows the development of applications, including network distributed multi-program, including easier.
Summary: services provided to two schools in the traditional sense-oriented method calls known as RPC. For enterprise SOA, a number of manufacturers to launch webservice, developed a wsdl interface definition, transmission soap. When the Internet era, bloated SOA is reduced to http + xml / json. However, to simplify the emergence of various confusion. Resource-oriented, no action is nothing more than the resource additions and deletions to change search, so a unified REST appeared.
The order of evolution: RPC -> SOAP -> RESTful
15 CGI sum WSGI
CGI is the Common Gateway Interface, and is connected to a web server application program interface, the user to obtain dynamic data such as files or CGI. CGI program is a standalone program that can be written in almost any language, including perl, c, lua, python, and so on.
WSGI, Web Server Gateway Interface, is an interface between the framework and Python applications or Web server, WSGI One of the purposes is to let the user can use a unified language (Python) before and after the writing end.
Official Description: PEP-3333
16 middle attacks
In the GFW in common, huh, huh.
Middle attack (Man-in-the-middle attack, often abbreviated MITM) refer, respectively, to create a separate contact at both ends of the attacker and the communication and exchange of data it receives, so that both ends of the communication think they are through a private connection direct dialogue with each other, but in fact the entire session are fully controlled by an attacker.
17 c10k problem
The so-called c10k problem, referring to the server supports thousands of clients problem, that is, concurrent 10 000 connection (which is the origin of the name c10k). Recommended: https://my.oschina.net/xianggao/blog/664275
18 socket
Recommended: http://www.360doc.com/content/11/0609/15/5482098_122692444.shtml
Socket=Ip address+ TCP/UDP + port
19 browser cache
Recommended: http://www.cnblogs.com/skynet/archive/2012/11/28/2792503.html
304 Not Modified
20 HTTP1.0 and HTTP1.1
Recommended: http://blog.csdn.net/elifefly/article/details/3964766
Host request header fields, a server multiple Web sites
long link
file HTTP
authentication, state management, Cache Cache
HTTP request 8 Ways to introduce HTTP / 1.1 protocol CCP defines eight HTTP request method, also known as HTTP request methods "action request", a different method of operation of predetermined different manner specified resource. The server will do different responses depending on the request method.
GET
GET request to the specified resource request will be displayed. Generally GET method should be used only for reading data, and should not be used to produce non-idempotent operations of side effects.
GET method request page information will be specified, and returns the response body, GET method is considered unsafe because the GET method will be any access network spiders.
HEAD
HEAD method and GET method, are specified resource request to the server. However, the server in response to a HEAD request does not return the contents of some of the resources, namely: the response body. Under such circumstances, we can not transmit the entire contents, you can get the server's response headers. HEAD method is often used by the client to view server performance.
POST
POST request submitted to the designated resource data, the server processes the request, such as: Submit form data, file upload, etc., request data is contained in the request body. Methods POST method is non-idempotent, because the request may create new resources and / or modify existing resources.
PUT
PUT request body will upload their content to the latest specified resource location, PUT method is a method idempotent. The latest resource data transfer specified by this method the client to the server can replace the contents of the specified resource.
DELETE
DELETE request requesting server delete the resource identified by a URI (Uniform Resource Identifier, Uniform Resource Identifier) requested. DELETE request after the specified resource is deleted, DELETE methods are idempotent.
CONNECT
CONNECT method is HTTP / 1.1 protocol reservation, the proxy server can be connected to the pipeline mode. Communications link with a non-encrypted HTTP proxy server's SSL encryption is typically used.
OPTIONS
OPTIONS request with the HEAD similar, but also for the general performance of the client to view server. This method will return all HTTP requests that the server supports the requested resource method will use '*' instead of the resource name, send OPTIONS request to the server, you can test server functions are normal. When the JavaScript XMLHttpRequest object CORS cross-domain resource sharing, it is to send a request using the OPTIONS sniffing method, to determine whether there is access to the specified resource. allow
TRACE
TRACE echo request message requesting the server which receives the HTTP request method is mainly used for test or diagnosis.
Increased HTTP / 1.1 method after
After the HTTP / 1.1 standards, and gradually expand a number of ways. Which use more PATCH method is:
PATCH
PATCH method appears later, it was defined in the 2010 RFC 5789 standard. PATCH request similar PUT request to update the same resource. Both the following differences:
But PATCH part of the general resource for updates, and for general overall update PUT resources. When the resource does not exist, PATCH will create a new resource, and PUT will only have to update the resource.
21 Ajax
AJAX, Asynchronous JavaScript and XML (Asynchronous JavaScript and XML), is a technology and without reloading the entire page, and server exchange data and update parts of the page.