FinalSol2019 PDF

The document is a sample solution for the Fall 2019 final examination for the Systems and Computer Engineering course SYSC 4504A, covering topics such as HTML, CSS, DOM, PHP, SQL, and security. It includes detailed questions and answers related to web development concepts, coding, and database queries. The examination consists of six questions with a total of 65 marks, and guidelines for students on how to approach the exam are provided.

Uploaded by

imanw7sen

Sample Solution to Final

EXAMINATION
FALL 2019

DURATION: 180 Minutes
No. of Students: 105

Department Name & Course Number: Systems and Computer Engineering


SYSC 4504A: Distributed Network Processing

Course Instructor (s): Thomas Kunz

AUTHORIZED MEMORANDA: Randy Connolly and Ricardo Hoar, Fundamentals of Web Development, 2nd
Edition, Pearson 2017, ISBN-10: 0134481267, ISBN-13: 978-0134481265 (or first edition), no e-book.

Students MUST count the number of pages in this examination question paper before beginning to write,
and report any discrepancy to a proctor. This question paper has 11 pages + cover page = _12__
pages in all.

This examination question paper may not be taken from the examination room.

In addition to this question paper, students require: an examination booklet: no
Scantron Sheet: no

Name:

Student Number:

Question 1: ______ / 10

Question 2: ______ / 10

Question 3: ______ / 10

Question 4: ______ / 10

Question 5: ______ / 10

Question 6: ______ / 15

Total: _______/ 65

Exam questions will not be explained, and no hints will be given. If you think that something is
unclear or ambiguous, make a reasonable assumption (one that does not contradict the question),
write it at the start of the solution, and answer the question. Do not ask questions unless you
believe you have found a mistake in the exam paper. If there is a mistake, the correction will be
announced to the entire class. If there is no mistake, this will be confirmed, but no additional
explanation of the question will be provided.
Question 1: HTML (10 marks)
1. Assume that the base URL for a web page is
http://www.example.com/hw1/detail/page7.html. Also assume that this page contains the
relative URL ../images/icon5.gif. Give the absolute URL corresponding to this relative URL.

Answer (1 mark):
http://www.example.com/hw1/images/icon5.gif

2. You are writing an HTML document that will reside in the Appl subdirectory of the Apache
htdocs directory. The Appl directory contains a directory named legal. Write a relative URL that
could be used within a document contained in Appl to refer to a document named
copyright.html in the legal directory. Write a second relative URL that could be used within
copyright.html to refer to an image file named logo.jpg in the Appl directory.

Answer (2 marks):
legal/copyright.html and ../logo.jpg

3. For the HTML document below, draw the tree that represents the HTML elements and their nesting
relationship

<html>
  <head lang="en">
    <meta charset="utf-8">
    <title>Share Your Travels</title>
    <style>
      [title] {cursor: help; padding-bottom: 3px;
               border-bottom: 2px dotted blue; text-decoration: none; }
    </style>
  </head>
  <body>
    <div>
      <img src="images/flags/CA.png" title="Canada Flag" />
      <h2><a href="countries.php?id=CA" title="see posts from Canada">
          Canada</a></h2>
      <p>Canada is a North American country consisting of ... </p>
      <div>
        <img src="images/square/6114907897.jpg" title="Title1" />
        <img src="images/square/6592317633.jpg" title="Title2" />
        <img src="images/square/6592914823.jpg" title="Title3" />
      </div>
    </div>
  </body>
</html>
PAGE LEFT BLANK FOR ANSWER

Answer (7 marks):
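The drawn tree is not reproduced here. As an added example (not part of the exam or its solution), the following Python script uses the standard library's html.parser to recover the element nesting of the question's document and print it as an indented text tree; the document is embedded with its whitespace compacted, and void elements (meta, img) are treated as leaves.

```python
from html.parser import HTMLParser

# The exam's HTML document from question 3, whitespace compacted so it fits here.
DOC = """<html><head lang="en"><meta charset="utf-8"><title>Share Your Travels</title>
<style>[title] {cursor: help; padding-bottom: 3px; border-bottom: 2px dotted blue;
text-decoration: none; }</style></head><body><div>
<img src="images/flags/CA.png" title="Canada Flag" />
<h2><a href="countries.php?id=CA" title="see posts from Canada">Canada</a></h2>
<p>Canada is a North American country consisting of ... </p>
<div><img src="images/square/6114907897.jpg" title="Title1" />
<img src="images/square/6592317633.jpg" title="Title2" />
<img src="images/square/6592914823.jpg" title="Title3" /></div></div></body></html>"""

# Void elements never have children and may appear without a closing tag.
VOID = {"meta", "img", "br", "hr", "link", "input"}

class ElementTree(HTMLParser):
    """Collects only element nodes into a nested (tag, children) tree."""

    def __init__(self):
        super().__init__()
        self.root = None
        self.stack = []          # currently open elements, innermost last

    def handle_starttag(self, tag, attrs):
        node = (tag, [])
        if self.stack:
            self.stack[-1][1].append(node)
        else:
            self.root = node
        if tag not in VOID:      # a void element is a leaf, so never push it
            self.stack.append(node)

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)   # "<img .../>" is a leaf as well

    def handle_endtag(self, tag):
        if self.stack and self.stack[-1][0] == tag:
            self.stack.pop()

def element_tree(html):
    parser = ElementTree()
    parser.feed(html)
    parser.close()
    return parser.root

def render(node, depth=0):
    """Indented text form of the tree, one element per line."""
    tag, children = node
    lines = ["  " * depth + tag]
    for child in children:
        lines.extend(render(child, depth + 1))
    return lines
```

Printing "\n".join(render(element_tree(DOC))) gives html at the root with head (meta, title, style) and body (div containing img, h2 with its a, p, and an inner div with three img children).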
Question 2: CSS (10 marks)
In the first set of questions, use the following two style declarations:
background-color: silver;
font-size: larger;
The description will refer to the first line as the background declaration, and the second line as the text
declaration.
1. Write CSS style rules that apply the background declaration to div elements and the text declaration
to strong elements

Answer (1 mark):
div { background-color: silver }
strong { font-size: larger }

2. Write a single style rule that applies both the background and text declarations to both p and em
elements

Answer (1 mark):
p, em { background-color: silver; font-size: larger }

3. Write a single style rule that applies the background declaration to HTML elements having a value
of Nevada for their id attribute as well as elements belonging to the shiny class

Answer (1 mark):
#Nevada, .shiny { background-color: silver }

4. Write a style rule that applies the text declaration to span elements that belong to a bigger class

Answer (1 mark):
span.bigger { font-size: larger }

5. Write a style rule that applies the background declaration to span elements that are descendants of
other span elements

Answer (1 mark):
span span { font-size: larger }

6. Write a style rule that applies the background declaration when the cursor hovers over a hyperlink

Answer (1 mark):
a:hover { background-color: silver }
Assume that the author, user, and browser style sheets for an HTML document are as follows:

Author:  div { color: blue }
         p { color: green; font-size: smaller }
         .hmm { color: fuchsia }

User:    p { color: white; background-color: black; font-size: larger }
         body { color: yellow }

Browser: body { color: black }

Further, assume that these are the only style rules for the document, i.e., no style attributes in the
document itself.
7. What specified value will the browser use for:
a. The color property of p elements?
b. The background-color property of p elements?
c. The font-size property of p elements?
d. Do any of your answers change if the p element belongs to the hmm class? Justify your
answers.

Answer (4 marks):
• p elements will have green text (because author declarations take precedence over user
declarations as well as browser declarations).
• p elements will have a black background color (because only the user style sheet specifies a
value for this property).
• p elements will have a smaller font size (author declarations take precedence over user
declarations).
• If a p element belongs to the hmm class, then the text color will be fuchsia, because class
selectors are more specific than type selectors; the other two properties do not change.
Question 3: DOM (10 marks)
State whether each of the following is true or false. If false, explain why.

a) A document’s DOM tree represents all of the nodes in a document, as well as their relationships to
each other.

Answer (1 mark): True.

b) Every HTML element in a page is represented by a DOM tree.

Answer (2 marks): False. Every element is represented by a DOM node. Each node is a member
of the document’s DOM tree.

c) A text node cannot have child nodes.

Answer (1 mark): True.

d) The document node in a DOM tree cannot have child nodes.

Answer (2 marks): False. The document is the root node, therefore has no parent node.

e) The createElement method creates a new node and inserts it into the document.

Answer (2 marks): False. The createElement method creates a node, but does not insert it into
the DOM tree.

f) The insertBefore method is called on the document object, taking a new node and an existing one to
insert the new one before.

Answer (2 marks): False. insertBefore is called on the parent.


Question 4: PHP (10 marks)
Write a PHP resource powers.php that generates HTML that would look as identical as you can make it (ignoring
styling) to the screenshot below:
PAGE LEFT BLANK FOR ANSWER

Answer (10 marks):


<!DOCTYPE html>
<html lang = "en">
<head>
<title> powers.php </title>
<meta charset = "utf-8" />
<style type = "text/css">
td, th, table {border: thin solid black;}
</style>
</head>
<body>
<table border = "border">
<caption> Powers table </caption>
<tr>
<th> Number </th>
<th> Square Root </th>
<th> Square </th>
<th> Cube </th>
<th> Quad </th>
</tr>
<?php
for ($number = 1; $number <=10; $number++) {
$root = sqrt($number);
$square = pow($number, 2);
$cube = pow($number, 3);
$quad = pow($number, 4);
print("<tr align = 'center'> <td> $number </td>");
print("<td> $root </td> <td> $square </td>");
print("<td> $cube </td> <td> $quad </td> </tr>");
}
?>
</table>
</body>
</html>
Question 5: SQL (10 marks)
Assume we have a database with three tables, as shown in the schema below.

Authors (1) ----- (∞) AuthorISBN (∞) ----- (1) Titles

Authors:    AuthorID, FirstName, LastName
AuthorISBN: AuthorID, ISBN
Titles:     ISBN, Title, EditionNumber, Copyright

The fields should be self-explanatory, but here is a brief description for each:
• AuthorID: unique ID for each author, an integer. It is set to autoincrement in the definition of the
table.
• FirstName: Author's first name (a string)
• LastName: Author's last name (a string)
• ISBN: ISBN of a book, saved as a string
• Title: Book title (a string)
• EditionNumber: Edition number of a book, an integer
• Copyright: Copyright year of a book, an integer

Write SQL queries for this database that perform the following tasks:
1. Select all authors from the Authors table with the columns in order LastName, FirstName,
and AuthorID

Answer (1 mark):
SELECT LastName, FirstName, AuthorID FROM Authors

2. Select the author with AuthorID =1 and list all books for that author. Include the Title,
LastName and FirstName (in that order) in the output. Order the information alphabetically (in
increasing order) by the Title

Answer (4 marks):
A roundabout way to do this is the following:

SELECT Titles.Title, Authors.LastName, Authors.FirstName
FROM Titles, Authors, AuthorISBN
WHERE Authors.AuthorID = AuthorISBN.AuthorID
  AND AuthorISBN.ISBN = Titles.ISBN
  AND Authors.AuthorID = 1
ORDER BY Titles.Title
A more efficient way (and required for getting full marks) is to recognize that this requires a JOIN of
three tables implementing a many-to-many relationship:

SELECT Titles.Title, Authors.LastName, Authors.FirstName
FROM Titles INNER JOIN (Authors INNER JOIN AuthorISBN
     ON Authors.AuthorID = AuthorISBN.AuthorID)
  ON Titles.ISBN = AuthorISBN.ISBN
WHERE Authors.AuthorID = 1
ORDER BY Titles.Title

3. Add a new author (Betsy Blue) to the Authors table

Answer (2 marks):
INSERT INTO Authors ( FirstName, LastName )
VALUES ( 'Betsy', 'Blue' )

4. Add a new title for author with AuthorID = 5. The new title has an ISBN of '5-55-555555-5', a
Title of 'Technical Editing', is the first edition, and a Copyright year of 2019.

Answer (3 marks):
First, insert a row into the Titles table by using the following:

INSERT INTO Titles ( ISBN, Title, EditionNumber, Copyright )
VALUES ( '5-55-555555-5', 'Technical Editing', 1, 2019 )

Then, insert a row into the AuthorISBN table by using the following:

INSERT INTO AuthorISBN ( ISBN, AuthorID )
VALUES ( '5-55-555555-5', 5 )
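The four tasks above, run end to end against the question's schema with Python's built-in sqlite3 (an added example, not part of the exam or its solution). The tables and sample rows are constructed here; the three-table join is written as a chain of two INNER JOINs, which is equivalent to the nested form in the answer; and because foreign keys are enforced, task 4 also shows why the Titles row must be inserted before the AuthorISBN row, and why both inserts belong in one transaction.

```python
import sqlite3

# Schema from the question, in SQLite syntax (constructed for this example).
SCHEMA = """
CREATE TABLE Authors (AuthorID INTEGER PRIMARY KEY AUTOINCREMENT, FirstName TEXT, LastName TEXT);
CREATE TABLE Titles (ISBN TEXT PRIMARY KEY, Title TEXT, EditionNumber INTEGER, Copyright INTEGER);
CREATE TABLE AuthorISBN (AuthorID INTEGER REFERENCES Authors(AuthorID),
                         ISBN TEXT REFERENCES Titles(ISBN), PRIMARY KEY (AuthorID, ISBN));
"""

# Constructed sample data: author 1 wrote two books, author 2 wrote one.
SAMPLE = """
INSERT INTO Authors (FirstName, LastName) VALUES ('Ann', 'Able'), ('Bob', 'Baker');
INSERT INTO Titles VALUES ('1-11-111111-1', 'Web Basics', 2, 2017),
                          ('2-22-222222-2', 'Servers 101', 1, 2015),
                          ('3-33-333333-3', 'Zeta Guide', 1, 2018);
INSERT INTO AuthorISBN VALUES (1, '1-11-111111-1'), (1, '2-22-222222-2'),
                              (2, '3-33-333333-3');
"""

# Task 2: the many-to-many join, written as a chain (same result as the nested form).
BOOKS_BY_AUTHOR = """
SELECT Titles.Title, Authors.LastName, Authors.FirstName
FROM Titles
INNER JOIN AuthorISBN ON Titles.ISBN = AuthorISBN.ISBN
INNER JOIN Authors ON Authors.AuthorID = AuthorISBN.AuthorID
WHERE Authors.AuthorID = ?
ORDER BY Titles.Title
"""

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")   # enforce the 1:many links
    conn.executescript(SCHEMA + SAMPLE)
    return conn

def books_by_author(conn, author_id):
    return conn.execute(BOOKS_BY_AUTHOR, (author_id,)).fetchall()

def add_author(conn, first, last):
    """Task 3: AuthorID is generated by the autoincrement column."""
    with conn:
        cur = conn.execute("INSERT INTO Authors (FirstName, LastName) VALUES (?, ?)", (first, last))
    return cur.lastrowid

def add_title(conn, author_id, isbn, title, edition, year):
    """Task 4: Titles row first, then the link row; both commit together or not at all."""
    with conn:
        conn.execute("INSERT INTO Titles (ISBN, Title, EditionNumber, Copyright) VALUES (?, ?, ?, ?)",
                     (isbn, title, edition, year))
        conn.execute("INSERT INTO AuthorISBN (ISBN, AuthorID) VALUES (?, ?)", (isbn, author_id))
```

With the constructed data Betsy Blue receives AuthorID 3 rather than the exam's 5, and adding a title for an AuthorID that does not exist raises an IntegrityError and leaves no orphaned Titles row.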
Question 6: State Management and Security (15 marks)
1. Many websites have a “Remember me” feature on their login page, similar to what is shown below.
The idea is that somehow/somewhere your login credentials can be saved, so upon a return visit to
the same site, the userid and password can be pre-populated with that information.

Discuss how this feature could be implemented with a) Cookies and b) with PHP Sessions. For each
solution, describe how the solution starts (i.e., no information has been saved), where you would
save the information, and how you would use it upon a return visit. Also discuss what security
challenges each solution raises and how to defend against these issues.

Answer (5 marks for Cookies, 5 marks for Sessions):


• Cookies: We will save two name-value pairs with the information to be remembered (userID and
password). Initially, these entries do not exist, so when the user is first presented with the login
page, he/she has to complete the information on the page. The server will create the cookies, and
they will be returned to the client and stored there. Upon a return visit to the login page, the two
name-value pairs will be transmitted to the server, where the resource can access these values and
return a login form with appropriate default values set. To make this work across multiple
“sessions”, we would use persistent cookies with an expiration time at least a few days into the
future.
Security concerns: The cookie values are transported as text in the HTTP request and response
headers. To prevent a network attacker from reading these credentials, the headers should be
encrypted, i.e., we should use HTTPS. In addition, cookies are stored on the client side. Anyone with
access to the computer can read/retrieve all stored cookies. You could plan to save only an encrypted
version of the password, but you will need to decrypt it before sending it to the server, so your
encryption algorithm cannot be parameterized by a key/password. If you are lucky, the browser
will save all cookie information in encrypted form, and will require anyone looking at them to
provide the user credentials of the PC account. Sometimes (such as with Chrome) you are simply
out of luck here and all you can do is to make sure your PC is not left unattended (lock it, log off,
shut it down, etc.).

• Sessions: we save the credential information under two keys in the $_SESSION superglobal,
and the login page invokes session_start(). If there is nothing stored in the session state
under these two keys, we return an empty login page to the user; otherwise we pre-populate it
with the saved credentials.
Security concerns: Typically, sessions are identified by a cookie that carries a session ID. If an
intruder can get access to the session ID, he/she can then hijack the session and even bypass
the authentication/login page completely. To protect against this, again do not transmit the HTTP
protocol headers in the clear, but encrypt them via HTTPS.
2. We discussed SQL Injection Attacks in some detail in the course. The image below shows the
example where we have a login page, and use that information, without sanitizing user input, to
query a database server, resulting in damage to the database (deletion of all rows in a table).

Now assume that all user names are unique. Imagine further that a malicious user is not interested in
causing damage, but instead wishes to successfully log on to an application under Alice’s
credentials. What information would Malice enter for either the user name or the password to
launch this attack?

Answer (5 marks):
To log on under Alice’s credentials, a user would need to specify Alice’s name, adding '; # at
the end. The SQL query becomes
SELECT * FROM Users WHERE uname = 'Alice'; # ' AND passwd = MD5('')

As the user names are assumed unique, the query would return the exact same result as the one that
would also check, as intended, the password. Except ANY password value will do now, including
an empty one, allowing Malice to log on to the system as Alice.
There were two other common answers to this question, one I accepted, one I didn’t:
a. Inject an SQL query (similar to the example above) that would set the password for Alice to
a value known by Malice. This would then allow Malice to log on in a second round with the
(new) credentials for Alice. I accepted that as an answer, though it has two obvious
shortcomings:
i. The solution requires the attacker to know something about the internals of the
database: the name of the table and fields that store the user credentials. That is
usually not something that is easily obtained.
ii. The solution only works if the PHP resource has WRITE access to the database. As
is, the authentication application only needs to read from the database. If database
access is managed according to the principle of least privilege, the attack would fail.
iii. The solution is not transparent to Alice: the next time she logs on, she will not be able
to. If she then notifies the web admins, and they have taken care to log everything,
they will be able to trace the attack (another issue discussed in the course).
b. Inject an SQL query to retrieve the information stored in the database, including the
password (either for all users or more specifically for Alice). The claim is that this will allow
Malice to use that information to log on under Alice’s credentials. I did not accept this as a
valid solution:
i. It also assumes that the attacker knows something about the internal details of the
database (at least the name of the table, maybe even the names of the fields) to write a
proper query.
ii. It requires that the PHP resource will PRINT/DISPLAY the output of that query in
the HTML that is being returned to the user, and nothing in the code snippet above
indicates that this would happen.
iii. Most importantly, even if the above two were true, it still will not work.
According to the code snippet, the database stores a hash of the password. Say Alice’s
password is “Test”. The database stores MD5(“Test”), and this is what Malice would
retrieve and enter into the password field. The code would take this value, run it
through the hash function again (so it becomes MD5(MD5(“Test”))) and compare it
against the value stored in the database (MD5(“Test”)). The test will fail and Malice
will not be able to log on under Alice’s credentials.
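The login check from the question next to its hardened form, as an added example (not part of the exam or its solution) using Python's built-in sqlite3 with a constructed Users table. Two differences from the exam's MySQL snippet: the MD5 hash is computed in Python because SQLite has no MD5() function, and SQLite's line comment is -- rather than MySQL's #, so the injected user name reads Alice'; -- instead of Alice'; #. The placeholder version keeps the quote and comment characters inside the data, so the same input no longer bypasses the password check, and feeding the stored hash as the password fails in both versions, which is point iii above.

```python
import hashlib
import sqlite3

def md5(text):
    """Mirrors the MD5(...) that the exam's snippet applies to the password."""
    return hashlib.md5(text.encode()).hexdigest()

def make_users():
    """Constructed Users table: Alice's stored value is MD5 of her password 'Test'."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (uname TEXT UNIQUE, passwd TEXT)")
    conn.execute("INSERT INTO Users VALUES (?, ?)", ("Alice", md5("Test")))
    conn.commit()
    return conn

def login_vulnerable(conn, uname, password):
    """The exam's pattern: user input pasted straight into the SQL text.

    A quote in uname ends the string literal early and a following comment
    marker removes the AND passwd = ... clause, exactly as in the answer above.
    """
    sql = f"SELECT * FROM Users WHERE uname = '{uname}' AND passwd = '{md5(password)}'"
    return conn.execute(sql).fetchone() is not None

def login_safe(conn, uname, password):
    """Hardened form: bound parameters, so the input is data, never SQL syntax.

    The query is read-only, so the database account used by the login page
    needs only SELECT rights (least privilege, as noted in shortcoming ii).
    """
    sql = "SELECT * FROM Users WHERE uname = ? AND passwd = ?"
    return conn.execute(sql, (uname, md5(password))).fetchone() is not None
```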
