Due Date: July 25 before midnight;
Max Points: 100
Important Reminder: As per the course Academic Honesty Statement, cheating of any kind will minimally result in your letter grade for the entire course being reduced by one level.
To be turned in via the submission link on brightspace.
Please remember to justify all answers.
You are encouraged to use the web or the library but are required to cite any external sources used in your answers.
It may be the case that some questions cannot be answered as requested.
Design web services for supporting home sales for both sellers and buyers. The web services should support sellers creating a listing for a house as well as buyers searching for a suitable house. Your web services need not deal with:
Authentication and authorization.
Back-end storage for the details of each home.
Your answer should merely deal with the web interface to the back-end system. Your answer should describe each service, including endpoint URLs, HTTP methods, caching and errors. 15-points
What kind of HTTP caching directives would you specify for each of the following web pages:
A blog which is updated at most once a day.
A page which only contains a search form for a library.
A page which shows the results for a library search.
A bank statement.
A page which displays the contents of a shopping cart.
You may make any reasonable assumptions. 15-points
A design for web services for a shopping cart hosts all the
services at the same POST
url and specifies the different
services using query and/or body parameters. For example:
POST /api?fn=getItems POST /api?fn=addItem&sku=shirt132&nUnits=3 POST /api?fn=delItem&orderItem=2
Discuss the tradeoffs for such an approach. 10-points
How can you ensure that an object property is hidden. Specifically,
complete the step commented TODO
below:
> obj = { a: 42 } { a: 42 } > obj { a: 42 } > //TODO ... > obj {} //property a not seen > obj.a //but it is still present 42 >
10-points
On some older e-commerce web sites, the button which starts some kind of irrevocable action like placing an order has cautionary text saying something like Please click this button only once.
What technical detail of HTML and HTTP explains the need for this caution.
How can you remove the need for this message in modern web sites for a better user experience. 10-points
REST web services can use different representations like JSON, XML or HTML. Discuss the suitability of each representation for supporting HATEOAS. You are expected to use online resources to research HATEOAS and these representations. As usual, you should reference any resources which you use in your answer. 15-points
An object obj
has a secure
property which contains security
information. How can you set things up so that any use of the
obj.secure
property while the program is running is written into
an audit log. You are not allowed to make any changes in the code
which uses obj.secure
. 10-points
Discuss the validity of the following statements. 15-points
It is possible to use the log recorded by a web server to count the number of times a particular URL has been loaded into a browser (you should assume that the web server log records the URL associated with each incoming HTTP request).
HTTP caching directives allow a resource to be correctly served from a cache even when the bits representing the resource on the origin server do not match the bits representing the resource in the cache.
Since HTTP is built on top of TCP, a separate TCP connection has to be created for each resource which is loaded by a web page.
If two JavaScript objects share the same prototype, then any update to a property of the first object will also affect the second object.
A session context in a server-side web framework can be used for storing user preferences.