Web servers

Question 1

What is a web server?

Answer 1

A program that listens for requests from clients (browsers, apps) and sends back responses. When you visit a website, your browser sends a request — the web server sends back the page.

Question 2

What are the two parts of every HTTP interaction?

Answer 2

A request (sent by the client — what they want) and a response (sent by the server — what they get back). Every HTTP interaction is always this request/response pair.

Question 3

What’s in an HTTP request?

Answer 3

Four key things:

Method — what action (GET, POST, PUT, DELETE)

Path — where (/users, /products/1)

Headers — extra info (content type, auth token)

Body — data being sent (only on POST/PUT)

Question 4

What’s in an HTTP response?

Answer 4

Three key things:

Status code — did it work? (200 OK, 404 Not Found, 500 Server Error)

Headers — extra info about the response

Body — the actual data sent back (HTML, JSON, etc.)

Question 5

How do you create a basic web server in Node.js?

Answer 5

const http = require(‘http’)

const server = http.createServer((req, res) => {
res.writeHead(200, { ‘Content-Type’: ‘text/plain’ })
res.end(‘Hello World’)
})

server.listen(3000, () => console.log(‘Server running on port 3000’))

Question 6

What is routing?

Answer 6

Deciding what to do based on the URL path. You check req.url and req.method to send back different responses for different routes:

if (req.method === ‘GET’ && req.url === ‘/users’) {
res.end(‘Here are the users’)
}

Question 7

What are parameterized URLs?

Answer 7

URLs with dynamic values in the path — like /users/42 where 42 is the user ID. The number can change but the route pattern stays the same: /users/:id.

Question 8

What is the Same Origin Policy?

Answer 8

A browser security rule that blocks a web page from making requests to a different domain than the one it was loaded from. Example: a page on mysite.com can’t fetch data from othersite.com by default.

Question 9

What is CORS and why do you need it?

Answer 9

Cross-Origin Resource Sharing — a way to lift the Same Origin Policy for specific trusted origins. Your server adds headers to tell the browser “it’s ok, this other domain is allowed to talk to me”:

res.setHeader(‘Access-Control-Allow-Origin’, ‘*’)

Question 10

How do you receive POST data sent to your server?

Answer 10

POST data arrives as a stream — you collect the chunks and parse them when done:

let body = ‘’;

req.on(‘data’, chunk => body += chunk.toString());
req.on(‘end’, () => {
try {
const data = JSON.parse(body);
console.log(data);
} catch (err) {
console.error(‘Invalid JSON:’, err.message);
}
});
req.on(‘error’, err => console.error(‘Stream error:’, err.message));