Full stack development experience

1, please list a variety of modes of website development

WebFrom, MVC, isolated front and rear ends (rear Restful API, using the front end of the front end of the frame, e.g. Angular, React, Vue).

2, the difference between end and separated front and rear ends of the front and rear non-exemplified separation and their advantages

1, front and rear ends are not separated 

Development model is not separated from the rear end of the former, see the front page of the effect is controlled by the rear end, the rear end or redirect page rendering, i.e. the front end of the rear end of the display to be controlled, a high degree of coupling of the front and rear ends .

This development model is more suitable for pure web application, but when the back-end docking App, App may not require back-end returns an HTML page, but only the data itself, so the back-end web interface is not returned the original suitable for front-end applications App in order to butt App, backend also need to develop a set of interfaces.

2, isolated front and rear ends

Industry specializing in surgery, do the front end of the front end, back end to do the back end.

Server into two, front and rear ends are deployed, static resources on the front-end server, service code on the back-end server. Front-end server needs to receive HTTP requests. Front-end server needs to parse the view (can Vue.js, Angular). Front-end server needs to process routing (ie jump between pages). Back-end server is only responsible for returning data to the front end.

3, talk about why most companies now choose to separate the front and rear end model development project

In fact, this is determined by the advantages of the front and rear ends of the separation: industry specializing in surgery, do the front end of the front end, back end to do the back end. Server into two, front and rear ends are deployed, static resources on the front-end server, service code on the back-end server. Front-end server needs to receive HTTP requests. Front-end server needs to parse the view (can Vue.js, Angular). Front-end server needs to process routing (ie jump between pages). Back-end server is only responsible for returning data to the front end.

4, before and after the end of the separation project Please list in why there is cross-domain problems

Because same-origin policy. The problem stems from the cross-domain JavaScript same origin policy that only protocol + hostname + port number (if present) are the same, allow mutual access. That is, JavaScript can access and manipulate resources under their own domain, can access and manipulate other resources below. The problem is that for cross-domain JS and Ajax, HTML does not have cross-domain problem, such as a label, script tag, label or even form (directly cross-domain transmit data and receive data) and the like.

5, please list a variety of solutions to the problem of cross-domain. As well as their characteristics

The first: After the server performs request over, allowing you to cross-domain; in fact, set up server response header: response.setHeader ( "Access-Control-Allow-Origin", "*").

The second: jsonp way. Note: This method can only send get requests. Even if designated as a post, or get the last transmitted, and the same way with the above, also with the support of required servers. Jsonp ajax request is not sent; dynamically created with a script tag, because the script tag is not the same origin policy restrictions, can be cross-domain; this script src tag pointing to the server address our request, will carry this address a parameter: callback, a callback function, the server will return data to the client through the callback function, but the client does not have this function how to receive it? So before sending a request to be registered in the global (window) such a method, use this method to get the data; this callback function names need to end the agreement with good service, it is the same. E.g:

<Script>
          // specified callback 
         function showData (Result) {
              var Data = the JSON.stringify (Result); // JSON object into a string 
             $ ( " #text " ) .val (Data);
         }
 
         $(document).ready(function () {
 
             $ ( " #Btn " ) .click (function () {
                  // input to the head of a script, the script initiates a cross-domain requests 
                 $ ( " head " ) .append ( " <= the src Script 'HTTP: // localhost ?: 9090 / = showData the callback Student '> <\ / Script> " );
             });
 
         });
</script>

Third: the proxy server, cross-domain origin policy problem is the browser restrictions between servers is not, then we put our request to the proxy server, proxy server to let us call this interface, sending to the front end on it.

Fourth: the code provided at the rear inside. For example, ASP.NET Web API, or ASP.NET Core Web API which can be set.

6. Please list before and after the end of the separation project, the authority which authentication method will you know the way to be introduced in a choice of two

Now commonly used is requesting a username and password plus real-time verification, Token validation;

Username and password real time validation: client occur username and password to the server. After successful validation server. Write cookie to client, then OK to return the JSON, which the cookie to be stored in Redis key in, value is the user information. And to set the timeout time of the key, for example, 10 minutes. client after receiving the ok, the corresponding business operations, each subsequent request server will automatically bring the cookie, you do not have to write code; filter server side (you must use filter to achieve) key will verify each pass over the cookie are there redis, there can be too successful login on behalf operation, no error is returned identity.

Note: After a successful login, server interface each invocation, should be renewed as a key redis, such as 60 minutes.

When the key redis more than 60 minutes, it will delete the key, when so requested server again, you will receive a return value to register. When the user initiative to withdraw from the system, but also delete key redis in the server.

Token way.

General authentication token used for display, such as phone verification code and the like, these need to manually transfer token to the background. In the client clicks codes, server sends a verification code, a token back to the client, to the client verifying a verification code, transmitting the verification code to the token + server,

token + server for verifying a verification code.

7, the rear end of the front separation project, generally ajax request mode request, interpret the request characteristics ajax

Ajax advantages:

1. The biggest thing is no page refresh, in the pages communicate with the server to the user experience is very good.

2. Using asynchronous communication with the server, the user need not interrupt the operation, having a more rapid response.

3. It can work some of the previous server burden passed on to the client, using the client's ability to handle idle, reduce the burden on servers and bandwidth, saving space and cost of broadband leased. And reduce the burden on the server, the principle ajax "on-demand access to data" can request minimizes redundancy, and the server in response to the result of the burden.

4. Based on standardized and widely supported technologies without having to download plug-ins or applets.

Ajax limitations:

1. ajax get rid of the back button, the destruction of the browser back mechanism. Back button is a standard function of important web site, but it can not be very good cooperation and js. This is a more serious problem caused by ajax, because users often want to be able to cancel the previous operation by backward. So there is no way for this problem? The answer is yes, used to know the Gmail, Gmail below ajax technology used to solve this problem in the following Gmail is back, but it does not change the ajax mechanism, a stupid but it's just used effectively when the way that the user clicks the back button to access historical records, by creating or using a hidden IFRAME to reproduce the changes on the page. (For example, when a user clicks back on Google Maps, it is in a hidden IFRAME in the search, then the search results will be reflected in the Ajax elements to restore the application state to state at the time.). However, although this problem can be solved, but it brings development cost is very high, and rapid development ajax framework is required departure from. This is a very serious problem ajax brings.

2. safe question. Technology but also on the IT companies has brought new security threats, ajax technologies like enterprise data to establish a direct channel. This allows developers to inadvertently expose more data than before and server logic. ajax logic of security scanning technology can hide the client, allowing hackers to create a new attack from the remote server. There ajax is difficult to avoid some known security vulnerabilities, such as cross-site scripting attacks, SQL injection attacks and credentials-based security vulnerabilities.

3. Support for the search engines is relatively weak.

4. Destroyed the exception mechanism of the program. At least for now it seems like ajax.dll, ajaxpro.dll these ajax framework would undermine the program's exception mechanism. On this issue, I have encountered in the development process, but checked online almost no relevant introduction. Later, I did a test, were used to model ajax and traditional form submitted to delete a data ...... it has brought great difficulties to our debugging.

5. In addition, like some other aspects, such as contrary to the original intention url and resource location. For example, I'll give you a url address, if using ajax technology, you may see in the url address below and I see this url in the address of the content is different. This resource location and departure from the original intention.

6. Some handheld devices (such as mobile phones, PDA, etc.) is still not well supported by ajax, for example, our website when using ajax technology opens on your phone's browser, it is not currently supported, of course, this issue and we did not too many relationships.

8. On the difference between Ajax and the axios

Difference: axios is to implement a package of ajax technologies through promise, like jQuery ajax to achieve the same package. In simple terms: ajax technology to achieve local data page refresh, axios package to achieve the ajax. axios ajax ajax is more than axios.

Ajax: itself is programmed for the MVC, MVVM does not meet the front end of the wave of now. Based on the development of native XHR, XHR architecture itself is not clear, we have an alternative to fetch the. JQuery entire project is too large, simply have to use the introduction of the entire JQuery ajax very unreasonable (take personalized packaging solutions can not enjoy the CDN service).

axios: Create a http request from node.js. Support Promise API. Client support to prevent CSRF. It provides interfaces (important, a lot of convenience operation) concurrent requests.

9, a front and back end if an exception occurs when running separate project, please talk about your troubleshooting steps

Google recommends using the browser during development, debugging and testing convenient! Can directly view the browser network, determine whether a given interface! The error status code; see exception event, if there is an interface side logs directly access log; selectively adjusted;

10, citing the tools you learned debug request interface

1. webService Interface: http transmission protocol is to take the soap through, the request packet and return messages are xml format, when we are tested by call, through the tools to test. You can use the tools SoapUI, jmeter, loadrunner and so on;
2. Interface API http: http protocol is to take, by a method call path to distinguish request packets are in the form of key-value, the packets are generally returns json string, or the like with a get and post, which is the most commonly used two kind of way request. You can use the tools postman, RESTClient, jmeter, loadrunner and so on;

11, a front and rear end of the project if at runtime, one function when in use, very slow meal, let you locate the problem, how would you do?

You can view the Network directly through the browser interface is that when the requested time-consuming, and targeted optimization of the interface;

12, please talk about the difference between Vue and Jquery

vue and Comparative jquey using jQuery selector () to select DOM object, its assigned value, binding events and other operations, and in fact native HTML only difference is that the selection can be more convenient and DOM object operation, the data and interface are together. Such as the need to obtain content label label :( "lable"). Val () ;, it is still dependent on the value of DOM elements. Vue Vue is through the object and the data is completely separated from the View. Operate on the data no longer need to refer to the corresponding DOM object, it can be said of data and View are separate, they are bound to each other to achieve this target by Vue vm. This is the legend of MVVM.

13, talk to Post request understanding and Get requests; how to select the two applications!

GET parameters passed with only behind URL, text format QueryString, various browsers generally have length restrictions, generally considered to be 2083, if there are Chinese characters shorter. A small amount of data submitted to the server.

POST can pass application / similar QueryString x-www-form-urlencoded is, multipart / form-data packet binary formats (file information is embedded message transmission), body parameters plain text or binary. Submit to the large amount of data on the server side.

14, to talk about the characteristics of WebApi / WebService / WCF three.

Web Service：

1. It is based on the SOAP protocol, data format is XML　　
2. Only supports HTTP protocol　　
3. It is not open source, but can be any person to use an understanding of XML　　
4. It can only be deployed on IIS　

WCF　　

1. This is also based on SOAP, and XML data format　　
2. This is the Web Service (ASMX) evolutionary version, it can support a variety of protocols, such as TCP, HTTP, HTTPS, Named Pipes, MSMQ.　　
3. WCF main problem is that it is particularly complicated to configure up　　
4. It is not open source, but can be any person to use an understanding of XML　　
5. It can be deployed in an application or on IIS or Windows Service　

Web API:　

1. This is a simple framework to build new HTTP services　　
2. .Net platform on an open source Web API is ideal, building technology REST-ful services　　
3. Unlike WCF REST Service. It can use all the features HTTP (such as URIs, request / response header cache, version control, a variety of content formats)　　
4. It also supports MVC features, like routing controller, action, filter, binding model, inversion of control (IOC) or dependency injection (the DI), the test unit. These can make the program easier and more robust　　
5. It can be deployed on an application and IIS　　
6. This is a lightweight frame, and good to limit the bandwidth devices such as smart phones and other support　　
7. Response can be converted into a Web API's MediaTypeFormatter Json, XML or any format you want to convert.

15, front and rear end of the project, when the request to the server and found a large amount of data requested, how to optimize?

Data compression can be selected; common data compression as gzip;