Nine gold and ten silver. It’s running season again. First introduce the personal situation, one and a half years of experience, computer professional slag junior college. With the love of the front end, basic every day will take some time to learn, the foundation is ok. In fact, the last company to stay or very comfortable, no overtime, the only bad is not biased technology, business is relatively simple. In the end, I chose to step out of my comfort zone for the sake of my future career.

Left in mid-September, interviewed seven last week. One of them was The interview process was also an interesting experience, because the interviewers didn’t ask the front questions, and they were beaten up. The interviewer is on the back end of the full stack. So this article may not be useful for the front end of the interview, friends as a lively expansion of knowledge.

One side

What happens when the browser enters the URL

This topic is also an old classic topic, I believe many small partners have read the relevant article.

The approximate process is:

  1. DNS IP
  2. Sends a connection request to the server based on the IP address
  3. Three-way handshake to connect to the server
  4. The data transfer
  5. Four waves, disconnect the server (not necessarily because TCP connections are reused in HTTP1.1)
  6. Browser parsing data
  7. Build the DOM tree and the CSSOM tree in parallel
  8. Synthesis of the Render tree
  9. layout
  10. draw
  11. Render layer compositing (display content on the page).

I may have been a little nervous during the interview, but I didn’t say it in the rendering part of the later page.

HTTPS to redirect

If you enter in the browser, you will be redirected to the corresponding domain name under HTTPS.

In fact, it is very simple, jump is the server to do the redirection of the processing, the purpose is for the security of the website.

There are several ways to redirect a web page

  1. A label
  2. location.href
  4. Set the META tag of the HTML

What are the disadvantages of

Window. open opens a web page that gets the window object of the source web site through the window.opener property, or the address of the source web site through the document.referrer. So when we use, we can set the third argument to noopener=yes,noreferrer=yes.

Utf-8 and GBK differences

This is a bit of a stretch. I missed the point.

Correct answer: GBK contains all Chinese characters; Utf-8 contains the characters required by all countries in the world. Utf-8 is an international code, and its commonality is better. GBK is a national code, and its commonality is worse than UTF-8. However, UTF-8 occupies a larger database than GBK.

What does a request consist of

Request line (request method, URL, HTTP protocol version), request header, request body (data transmitted by POST)

Browser cache (strong cache, negotiated cache)

About the fields used by the strong cache, the process of using the cache. I don’t remember the field of the negotiated cache, but the important thing is that there are two strategies for the negotiated cache. One is to compare the file modification time and the other is to compare the hash value of the file contents.

Which HTTP headers have been used

Content-type, and some custom headers. These are the most common ones used at work.

Talk about Http2 and its application scenarios

Http2 has added the “multiplexing” feature, based on “binary frame” the byte stream data is divided into fragments with number transmission, after the server receives the data, according to the number synthesis of a complete data.

The application scenario is not figured out.

Http3 understand?

Only that the transport layer is based on UDP.

Why is HTTPS more secure than HTTP? HTTPS encryption process

HTTPS is more secure than HTTP because the data is encrypted when transmitted.

The browser generates a random number to the server to construct a symmetric encryption algorithm, and then the use of symmetric encryption and asymmetric encryption, data using symmetric encryption, and symmetric encryption key using asymmetric encryption.

Before data encryption, there is a certificate verification phase, forgot to answer. The public key in the certificate is used to encrypt random numbers and send them to the server.

What are the applications of symmetric encryption in work

Not used in the work, but know AES symmetric encryption.

Can packet capture tools capture HTTPS data? If so, how can security be guaranteed

Can. Because the user takes the initiative to perform the operation, the packet capture tool can configure the certificate trusted by the user, so the data can be obtained through the packet capture tool.

What is the JWT

JWT can be used to authenticate user identity information, similar to traditional tokens.

The traditional token is that the server sends the user information to the client through MD5 processing, and the client carries token authentication on the request. Because MD5 is irreversible, the server needs to query related user information in the database, perform MD5 again, and compare the MD5 with the MD5 sent by the client.

JWT is an operation that does not require the server to go through the database query. JWT has corresponding encryption and decryption algorithm, and the server can get the user information through key decryption after obtaining JWT.

Oauth2.0 authentication process

Have heard, but did not understand, did not answer out.

Under the said resfulApi

The resfulApi is an interface design specification that describes requests using semantic methods such as GET, POST, UPDATE, delete, and so on. The URL contains the version number and the resource name, and the resource is described in the plural.

Under the said graphQL

GraphQL is a language for API queries that lets clients retrieve only the data they need. In development, the data returned by the back end may contain some content that the front end does not need. GraphQL can give the initiative of obtaining data to the front end, specify the data returned by the back end through the data model, and only fetch the required data to reduce the redundant data of the interface.

B + tree said

Meng, did not answer

Second interview

In the second interview, I simply asked about the Vue life cycle, followed by questions about the project. And I’ve seen a lot of companies ask about performance optimization. Here I also give some small suggestions, can be answered from the following aspects:

  • Render: Reduce reflux redraw, use Fragment for DOM operations
  • Application: anti-shaking, throttling
  • Resources: VUE route lazy loading, small program subcontracting, Sprite diagram, image lazy loading, DNS pre-resolution, compression, cache
  • Webpack: dllPligin, multi-process packaging

On three sides

The three sides are for the boss, not to talk about skills, basically talk about some experience, personality, career planning, expectations for the company and so on. From the conversation, I learned that my boss is a programmer who changed his career. He was also a full stack engineer who had been in Alibaba. Then I know that this company was established less than half a year, it should be the company under the Excellent Network. I have asked the boss about the planning of the company’s technical team. At present, there are only two full stacks, and the technical team is expanding, and it will remain at about ten people in the future.

The last

Although I finally got the offer, I still chose not to go. The main problem is the technical team and money, I prefer a more stable company.

The answers to some questions in this article are not very comprehensive, interested can go to their own information.

Before the interview also do some knowledge review summary:

  • Gold nine silver ten, intermediate front interview review summary “JavaScript”
  • Gold nine silver ten, intermediate front interview review summary “Vue”
  • Gold nine silver ten, intermediate front end interview review summary “Browser, HTTP, front end security”

I hope that the partner who is being interviewed will not be beaten up and get the desired offer as soon as possible.