java 2 3
fdsa
fdsa
Fichier Détails
| Cartes-fiches | 496 |
|---|---|
| Langue | Deutsch |
| Catégorie | Informatique |
| Niveau | Autres |
| Crée / Actualisé | 06.12.2020 / 24.01.2021 |
| Lien de web |
https://card2brain.ch/box/20201206_java_2_3
|
| Intégrer |
<iframe src="https://card2brain.ch/box/20201206_java_2_3/embed" width="780" height="150" scrolling="no" frameborder="0"></iframe>
|
Créer ou copier des fichiers d'apprentissage
Avec un upgrade tu peux créer ou copier des fichiers d'apprentissage sans limite et utiliser de nombreuses fonctions supplémentaires.
Connecte-toi pour voir toutes les cartes.
Can comparable or comparator be used without a import statement?
Comparator yes, comparable not
Whats the package name, whats the method name, whats the number of parameters, has the interface to be implemented by class compaing in class Comparable?
java.lang / compareTo() / 1 / Yes
Whats the package name, whats the method name, whats the number of parameters, has the interface to be implemented by class compaing in class Comparator?
java.util / compare() / 2 / no
Whats the static comparator-method for comparing by results of a function that returns any object?
comparing(function)
Whats the static comparator-method for comparing by the results of a function that returns a double?
comparingDouble(function)
Whats the static comparator-method for comparing by the results of a function that returns an int?
comparingInt(function)
Whats the static comparator-method for comparing by the results of a function that returns a long?
comparingLong(function)
Whats the static comparator-method for sorting using the order specified by the comparable implementation on the object itself?
naturalOrder()
Whats the static comparator-method for sorting using the reverse of the order specified by the Comparable implementation on the object itself?
reverseOrder()
Whats the default-method in comparator for reversing the order of the chained comparator?
reversed()
Whats the default-method in comparator if the previous comparator returns 0 se this comparator that returns a double/int/long , otherwise return the value form the previous comparator
thenComparingDouble(function) / thenComparingInt(function) / thenComparingLong(function)
When can we use Collections.sort()?
When the objects to be sorted are Comparable
What are the preconditions for Collections.binarySearch?
Must be sorted
What cant be done with genericTypes?
- calling a constructor
- creating an array of that generic type
- calling instanceof
- using a primitive type as a generic type parameter
- creating a static variable as a generic type parameter
What happns if you add list.removeIf on a list which was created by list.of()?
unsupportedOperation
What is the "principle of least privilege"?
Limiting access as much as possible
What is the problem here? How to fix?
public class GrasshopperCage {
public static void openLock(ComboLocks comboLocks, String combo) {
if(comboLocks.isComboValid("grasshopper", combo)) System.out.println("open");
}
}
a attacker could override the method isComboValid and pass it to openLock. (fix it by with final class) f.e:
public boolean isComboValid(String animal, String combo) {
var valid = super.isComboValid(animal, combo);
if(valid) { // email the password to s.b.}
return valid;
}
Is this a immutable object?:
public final class Animal {
private final ArrayList<String> favoriteFoods;
public Animal() {
this.favoriteFoods = new ArrayList<String>();
this.favoriteFoods.add("Apples");
}
public List<String> getFavoriteFoods() {
return favoriteFoods;
}
}
No, the returned list can be modified. Better implement methods for getting properties, f.e.:
public String getFavoriteFoodsElement(int index) {
return favoriteFoods.get(index);
}
What is a copy constructor?
F.e.:
public Animal(List<String> favoriteFoods) {
if(favoriteFoods == null) throw new Runtimeexception("..");
this.favoriteFoods = new ArrayList<String>(favoriteFoods);
}
What is a defensive copy?
F.e. the copy operation
Does the clone() method copy shallow or deep?
shallow by default
What happens if clone is called on an object which doesnt implement cloneable?
Throw exception
What can be considered as untrusted data?
F.e. user inout, reading from files, retrieving data from databases. Any data that did not originate form your program
what is command injection? How to prevent?
F.e. typing ".." here (for going back one directory). Prevent this with whitelists
Console console = System.console();
String dirName = console.readLine();
Path path = Paths.get("c:/data/diets/" + dirName);
try(Stream<Path> stream = Files.walk(path)) {
stream.filter(p -> p.toString().endsWith(".txt")).forEach(System.out::println);
}
How to prevent comand injection with lists? which one to prefer?
Whitelists/blacklists: better whitelists
What are sensitive contexts which should be avoided to ensure confidental informations doenst escape?
* logfiles
* printing exceptions or stacktraces
* System.out and System.err messages
* writing to data files
Why should confidenial data be stored in char[] instead of string?
java wont place it in the stringpool and therefore it wount live long in the memory
How to prevent command injections?
Whitelists/blacklists/limiting file acces with permissions
What does defense in depth mean?
To apply multiple techniques to protect an application
How to specify which fields get serialized? (two ways)
transient or with an array:
private static final ObjectStreamField[] serialPersistentFields = { new ObjectStreamField("name", String.class) };
-
- 1 / 496
-
