Node.js Several interview questions

Time:2021-3-9

Some statements

Through these questions to judge a person’s personality Node.js The level is not very rigorous, butIt allows you to have a good understanding of the interviewer’s Node.js How to have a general understanding of the experience in the field.

But obviously, these questions don’t tell you the way the interviewer thinks.

Show me the code

We are all human beings. Don’t be a rigid and impersonal interviewer.


What is the callback method of error first

The error first callback method is used to pass error and data at the same time. Taking the error as the first parameter, it must first check to see if there are any errors. Another parameter is used to pass data.

fs.readFile(filePath, function(err, data) {
  if(err) {
    //The return here is very important. If there is an error, it will stop here.
    return console.log(err);
  }
  //Pass data
  console.log(data);
})

How do you avoid going back to hell?

  • modularizationSplit the callback function into independent functions

  • useLibrary of control flowFor exampleasync

  • Generators combined with promise

  • async/await


What is promise?

I don’t want to say much about the concept. In short, it is something that helps you better handle asynchronous operations.

new Promise((resolve, reject) => {
  setTimeout(() => {
    resolve('result');
  }, 100)
})
  .then(console.log)
  .catch(console.error)

What is a stub? For example?

A stub is something that simulates the behavior of a component / module and provides an internal response to a function call during the test phase.

The example is writing a file, but it doesn’t actually do so

var fs = require('fs');

var writeFileStub = sinon.stub(fs, 'writeFile', function(path, data, cb) {
  return cb(null)
})

expect(writeFileStub).to.be.called
writeFileStub.restore();

How to protect your HTTP cookies from XSS attacks

stayset-cookieAdd the following information to the HTTP header:

  • Httponly – this attribute is used to prevent cross site scripting attacks. It does not allow cookies to be obtained by JavaScript code.

  • Secure – this property tells the browser to send a cookie only when an HTTPS connection is made

like this:Set-Cookit: sid=<cookit-value>; HttpOnly


What’s wrong with the following code

new Promise((resolve, reject) => {
  throw new Error('error')
}).then(console.log)

thenI didn’t catch upcatchIn this way, if the error code runs silently, it won’t tell you where the error is.

After modification:

new Promise((resolve, reject) => {
  throw new Error('error')
}).then(console.log).catch(console.error)

If you are debugging a large project, you don’t know which promise may have problems and can use itunhandledRejection. It prints out all unhandled promise exceptions

process.on('unhandledRejection', (err) => {
  console.log(err)
})

What’s wrong with the following code?

function checkApiKey(apiKeyFromDb, apiKeyReceived) {
  if (apiKeyFromDb === apiKeyReceived) {
    return true
  }
  return false
}

To tell you the truth, when I first saw it, I was confused. What’s the problem? Isn’t it a normal if else code.

However, this is not an ordinary if else code. This is the code used to compare security certificates. At this time, you can’t disclose any information, so make sure that they are compared within a certain period of time. Otherwise, your application may be attacked by timing.

What is timing attack(timing attacks)? Node.js The V8 engine used tries to optimize the code at the presentation level. It compares one character at a time, and it stops the comparison once it finds a discrepancy.

You can use itcryptilesThis NPM module solves this problem

function checkApiKey(apiKeyFromDb, apiKeyReceived) {
  return cryptiles.fixedTimeCimparison(apiKeyFromDb, apiKeyReceived)
}

There is a very good explanation in some booksHow to explain timing attack?


What does the following code output

Promise.reso(1)
  .then((x) => x + 1)
  .then((x) => {throw new Error('My Error')})
  .catch(() => 1)
  .then((x) => x + 1)
  .then((x) => console.log(x))
  .catch(console.error) 
  1. A new promise is created, which resolves parameter 1

  2. The parsed value is added with 1 (now 2), and the 2 is returned immediately

  3. The parsed value is discarded and an exception is thrown

  4. The exception is discarded and a new value of 1 is returned

  5. After catch, the operation will not stop. Before exception handling, it will continue to run. A new value 2 added by 1 is returned

  6. The return value is printed out

  7. This line will not run because there are no exceptions