Go naturally supports high concurrency and other features, not only suitable for server-side development, distributed storage, but also suitable for Web network application development.

How is TCP compared with UDP?

TCP has the following advantages:

  • Reliable and stable
  • TCP establishes a connection with three handshakes before transmitting data
  • TCP provides acknowledgment, window, retransmission, and congestion control mechanisms during data transmission
  • TCP disconnects after data transmission is complete to save system resources

Disadvantages of TCP:

  • Slow, low transmission efficiency
  • The system resource usage is high
  • Vulnerable to DOS/DDOS/CC attacks

Advantages of UDP:

  • fast
  • This mode consumes less system resources
  • Safer than TCP

Disadvantages of UDP:

  • Unreliable, unstable
  • Without a reliable mechanism, packets are easily lost when network conditions are not good

Noun explanations of various attacks

  • DOS attack: Denial of Service attack. The purpose of a Denial of Service attack is to prevent a computer or network from providing normal services.
    • Common DOS attacks are
    • Computer network bandwidth attack: Attacks the network with huge traffic, depleting all available network resources and preventing legitimate user requests from passing.
    • Connectivity attack: Bombards the computer with connection requests so large that all available operating system resources are exhausted and the computer is unable to process requests from normal users.
  • Distributed Denial of Service attacks: Distributed Denial of Service attacks are developed from DOS attacks. Because it is difficult for individual hackers to use high bandwidth resources, hackers have developed distributed attacks to overcome this disadvantage.
    • A simple tool used by an attacker to collect a large amount of network bandwidth to launch a large number of attack requests on a target at the same time. This is a DDOS attack.
  • CC Attack: Challenge Collapsar Attack, a black hole Attack, is a type of DDoS Attack
    • A proxy server is used to send a large number of seemingly legitimate requests to the victim server

What’s the difference between a blocking call and a synchronous call?

  • First, a blocking call is different from a synchronous call
  • At the bottom, the current thread of the synchronous call is still active, but logically does not return. The current thread can also process a variety of other information.
  • This is not the case with a blocking call, which says that the current thread is blocked and unavailable, and does not return. And the current thread cannot process other information.

A deeper understanding of synchronous asynchronous I/O and blocking non-blocking I/O

  • Firstly, the operation of network IO can be divided into two stages: preparation stage and operation stage
    • Preparation phase: Determines whether to enter the preparation phase, that is, waiting for data to be available. This phase is completed in the kernel process
    • Operation phase: The actual IO calls are made and the data is copied from the kernel buffer to the user process buffer.
  • Synchronous or asynchronous I/O
    • Refers to the mechanism for accessing data, that is, the way actual I/O operations are performed
    • Generally, the synchronization mode actively sends a request and waits for the I/O operation to complete. Applications are suspended before the I/O operation is complete
    • Asynchronism means that the user starts to perform his/her own work after triggering AN I/O operation. When the I/O operation is complete, the user is notified that the I/O operation is complete (== Asynchronism is notification ==). In this way, the process does not block when reading/writing data.
  • Block or not block IO
    • This refers to how the first stage of an IO operation is completed (the kernel buffer is not ready for data), and how the application behaves before the data is ready. If the process is suspended, it is blocking IO, otherwise it is not blocking IO.
    • Blocking and non-blocking are different ways for processes to access data, depending on the ready state of the IO operation.
    • To put it more simply: blocking and non-blocking are implementations of read or write operations, in which the read or write operations wait; In non-blocking mode, the read or write function returns a status value immediately.

What’s the difference between HTTP and HTTPS?

  1. HTTPS requires you to apply for a certificate from a CA. Generally, there are few free certificates, so a certain cost is required.
  2. HTTP is a hypertext transmission protocol, and information is transmitted in plain text. HTTPS is a secure SSL/TLS encryption transmission protocol.
  3. HTTP and HTTPS use completely different connections and use different ports, the former 80 and the latter 443. HTTP connections are simple and stateless;
  4. HTTPS is a network protocol that uses SSL, TLS, and HTTP to encrypt transmission and authenticate identity. It is more secure than HTTP.

Session vs. cookie?

  1. Session data is stored on the server, and cookie data is stored on the client browser
  2. Cookie is not very secure, we can query forged storage and then the cookie of the client to cheat the request, for security, session should be used
  3. Session will be stored on the server for a certain period of time. When the number of visits increases, the server performance will be affected. Therefore, cookies can be used to ensure the server performance
  4. A single cookie cannot store more than 4KB of data, and many browsers limit the number of cookies a site can store
  5. Cookies are not cross-domain
  6. Session cookies and persistent cookies:
  7. Session cookies are cookies that disappear with the closing of the browser without setting the expiration time, and are generally stored in memory.
  8. Persistent cookies that set the expiration time, even if closed the browser will not disappear cookies, generally exist in the hard disk; Opening the browser again remains valid until the expiration date is reached.
  9. Session sharing:
  10. How to solve the problem of SessionId sharing among different websites with a single server (same parent domain name but different sub-domain name)? Since domain names are different (A.test.com, B.test.com) and sessionids are stored in different cookies, our idea is to change the storage scope of cookies to the parent domain name to achieve the purpose of cookie sharing, so as to achieve the sharing of sessionids.
  11. The downside of this is that cookie information is also shared between sub-sites
  12. It is a good practice to store sensitive data, such as login information, in session, and other non-sensitive data in cookies

What is the process of entering a URL into a browser rendering page?

  1. Enter the URL in the client browser.
  2. It is sent to the DNS to obtain the IP address of the WEB server corresponding to the domain name.
  3. The client browser establishes a TCP(Transmission Control Protocol) connection with the WEB server.
  4. The client browser sends an HTTP or HTTPS request to the WEB server at the corresponding IP address.
  5. The WEB server responds to the request by returning the specified URL data or error message; If redirection is set, it is redirected to the new URL.
  6. The client browser downloads data and parses HTML source files. During the process of parsing, the page is typeset. After parsing, the basic page is displayed in the browser.
  7. Analyze the hyperlinks in the page and display them on the current page. Repeat the above process until no hyperlinks need to be sent and complete the display of the page.

Blocking non-blocking IO and synchronous asynchronous IO are still not in place.