SlideShare una empresa de Scribd logo

Introduction to Internet Engineering Course Slides

babak mehrabi
babak mehrabi

this is slide for IE semester 4 of university of Thran

Tecnología
1 de 31
1-Introduction 2/2 Internet Engineering Course University of Tehran Abbas Nayebi These slides are based on the presentation files provided by Lennart Herlaar, Utrecht University, the Netherlands (http://www.cs.uu.nl/people/lennart) 1
Internet prog. Environment characteristics Client/server architecture Protocols Addressing under IP Names versus numbers IP Packet, TCP WWW: Document Formats, Markup, HTML, Browsers Summary of the last session 2
Web servers The http protocol URLs, URIs, and URNs MIME Scripting languages ◦ Client side ◦ Server side: SSI, CGI, servlets Summary for this session 3
 Specialized program for handling document requests and executing scripts and programs (written in PHP, Perl, Java (JSP), ASP, ...).  Javascript, HTML and CSS are handled by the browser (the client).  Several servers exist: Apache (52%), Microsoft’s IIS (33%), and IIS’s smaller brother PWS.  Number of servers used to double about every half year, but...  Browser communicates request to server via port numbers (usually 80).  Other numbers are possible: http://knor.glob.nl:810/index.html  Apache’s Tomcat supports servlets, Java programs which extend the capabilities of a server. Tomcat works on port 8080 alongside another server.  Internet applications can be programmed without using Web servers: set up your own protocols and use sockets.  Webservers can be clients of a database server: three-tier organization. Web servers 4
 Possible requests to a web server: ◦ GET – retrieve document ◦ HEAD – retrieve the head of the document ◦ POST – execute the document, using enclosed data ◦ PUT – replace document with enclosed data ◦ DELETE – delete the document  Most used are GET and POST.  Other information passed along with request ◦ a list of acceptable mime types, ◦ e.g. Accept: text/* and Accept: image/gif ◦ For caching: If-Modified-since: date ◦ parameters for server side scripts  GET, DELETE and HEAD do not have message bodies. The http protocol 5
A status line: 200 OK, 404 File not found,.... Retrieval date and various header fields A blank line Hopefully the requested body of text, if any The return of the http protocol 6
 URI = Uniform Resource Identifier which generalizes URL  A grammar for Uniform Resource Locators (URLs) ◦ url ::= scheme address ◦ scheme ::= http:// | ftp:// | mailto: | file:// |... ◦ address ::= full-domain-name/path-to-document[#anchor] ◦ full-domain-name ::= host.domainname[:portnr] ◦ domainname ::= domain . domainname | domain ◦ domain ::= string-without-whitespace-and-{; : &} ◦ path-to-document ::= /-separated-strings-without-whitespace-and-{; : &}  Spaces in filenames should be coded as %20 (ASCII in hexadecimal).  If no html filename is given for the http protocol, the file index.html, index.php or index.htm may be used (this depends on the server, though).  URN: Uniform Resource Name  Example: ◦ URL http://www.pierobon.org/iis/review1.htm ◦ URN www.pierobon.org/iis/review1.htm#one ◦ URI http://www.pierobon.org/iis/review1.htm.html#one URLs, URIs, and URNs 7
 How does a browser know what kind of file it is retrieving?  A GIF file is displayed differently from a HTML or PDF file.  For some types, like PDF, a separate helper application must be started.  Sometimes a plug-in or filter is available, e.g. Macromedia Flash or some to-HTML converter.  Would be nice to automatically start the right one.  The same problem occurred with attachments to e-mail.  Here Multipurpose Internet Mail Extensions (MIME) were developed.  A MIME specificiation is type/subtype.  Common examples are text/html, text/plain, image/jpeg, image/gif, audio/x-realaudio and application/x-shockwave-flash.  Experimental MIME types are of the form type/x-subtype  When a MIME type is not present, the extension is usually the deciding factor. MIME 8
 WWW for dummies: use elaborate tools to construct large websites  Little programming involved, just plug and play.  We don’t want to make fancy/professional websites. We try to capture the concepts and make a dependable knowledge for web programming.  You may use drawing tools like Gimp, Photoshop, CoolEdit and the like for making sounds, pictures, banners, icons and movies.  You may not use web authoring tools like Macromedia Dreamweaver, Microsoft Frontpage, Adobe PageMill,....  What is allowed depends on the assignment: notepad++, PHP Ed, Eclipse, …  Documentation about the tools you use: include it.  Of course, in real life you should use tools wherever applicable, but whatever you do: make sure the result is maintainable. Authoring tools 9
 Inthis course, we program the Internet using the Web.  Question: why develop for the Web?  Possible answers: ◦ Browser handles displaying ◦ “Everybody” has a browser ◦ Servers handle large parts of the transmission details ◦ Database servers do much of the rest  Software maintenance/upgrade problems in a large organization.  Security issues: client program keeps a password to connect to the database server.  A lot of work has been done. Why not use it? Why use the Web? 10
 Invent your own protocol  Write your own server  Write client programs for as many platforms as you can  Try to get client and server software at the right places  Examples: (s)ftp, MSN, BitTorrent (peer-to-peer), MMORPG (Massively multiplayer online role-playing game)  The main problem is to get the proper software in the proper places.  People have to download your client software and install it on their local (home) computers  Your server software must be installed e.g. at Internet Service Provider computers. Making your own Internet applications 11
 Used to make web sites dynamic.  A fully dynamic website could be called a web application.  Scripting languages exist on both the client side and the server side.  Client side scripts are executed by the browser. ◦ These are used mainly to overcome shortcomings in the protocol / presentation (!). ◦ Dynamic HTML ◦ Examples are: JavaScript (and Java Applets to a lesser extent).  Server side scripts are executed by the webserver.  Several means of integration exist.  Examples of languages are: PHP, Perl, Python, C++, ASP. On scripting languages 12
Some executables codes transferred to the browser for execution. Now a days, are not appreciated generally Some technologies: ◦ Java Applets (executed on a VM, secured by a sandbox, multi-platform) ◦ Microsoft ActiveX (executed natively, dangerous !, single-OS, single-browser) Both of them can be signed digitally ◦ Normally, looser security rules are applied to the signed applets. Client side executables 13
Interpreted languages No (insistence on) declarations Run-time typing Exceptions exist Libraries for accessing various databases Regular expressions Easy reporting/printing Many libraries available General aspects of scripting languages 14
 Most server side scripting languages use the one-page-at-a -time philosophy: they process an scripted page.  On request, a webserver can execute a program (CGI). The program generates the whole page.  Or replace inline code by its output (PHP).  The result is usually an HTML file which is returned to the client.  Input to server side scripts is usually a form.  ”Running a web application” usually consists of a long string of script incarnations.  Page based (in form of page) ping ponging of data between client and server.  Form, submit, form, submit, form, submit, etc.  Page based requests generate lots of overhead.  Lack of state generates lots of overhead (and security issues!). Server side scripting 15
Communication between client and server (and vice versa) ◦ HTTP, HTMLx ◦ Forms, parameters Communication between server and script (and vice versa) ◦ Inline, CGI, servlets ◦ Direct, standard input/output, environment Communication between script and database (and vice versa) ◦ SQL, resultset Interesting parts of server side scripting 16
 Snippets of program scattered through HTML.  Executed from top to bottom.  Results embedded into the returned document by web server.  Examples ◦ Server Side Includes (SSI) ◦ PHP mainly uses inline, i.e., within HTML between <?php and ?>. ◦ Java Server Pages. ◦ Active Server Pages (used with VBScript or Javascript)  Often used when only small parts of the document are computations.  Thin separation between code and presentation  Code becomes quickly unreadable.  Solutions to this problem exist (templates). Method 1: Inlining code into a document 17
 HTML files may include preprocessing directives.  HTML recognized by extension (e.g., shtml) or having exec flag on.  Server parses HTML files and executes directives.  General form: ◦ <!--#element attribute=value attribute=value ... -->  Variables can be used as well, and #if directives. Server Side Includes 18
 A protocol for web browsers to interface with applications via a webserver.  Mainly used for running programs on the server (with certain permissions)  Identifiable by reference to file in special directory .../cgi- bin/xxxx or file extension.  Parameters are passed to it.  Result is usually a HTML document which is sent to the client.  Perl, Python or shell scripts are often used in this fashion.  But all languages are possible, even C++.  There are slight differences between CGI executing and ordinary execution of programs.  CGI is deprecated now. Method 2: Common Gateway Interface 19
 Client (browser) sends a request to the server by TCP/IP (socket)  We focus here on the commands GET, HEAD, POST, PUT  GET = give a document  HEAD = give only the header of document (email/news header)  POST = send the contents of a form (upload form data)  PUT = upload of a file  For CGI mostly GET or POST  The request line will be followed by 0 or more headers and an empty line  with POST/PUT followed by a body (contents of form and/or file) HTTP requests 20
The URL used for this request was: http://sunshine.cs.uu.nl:8000/docs/vakken /inp/dwarf.html?M=November&Y=2004 The body was empty Example request 21
 With GET the contents of the form, or a parameter is given as part of the URL (URL=cgi-bin/xxx?parameters)  Special characters are given in hex.  With POST the contents of the form is given as the body of the request.  The server puts all relevant information in environment variables  The body (POST) is given to the standard input of the script.  Hence, scripts reacting to a POST should read from standard input.  The server does not indicate end-of-file (length field in the headers)  In most cases, a special CGI module makes access to these information transparent. GET versus POST 22
 Important environment variables: ◦ QUERY_STRING: The query (the part after ? in the URL). Usually a series of the form field=value, separated by &. ◦ CONTENT_LENGTH length of the data (POST) ◦ CONTENT_TYPE type of the data (MIME)  Not all of the normal environment is sent along: the server filters it.  Test your program by faking the parameters (environment variables) and running it from the prompt.  The CGI program should give a correct document (with header and data) on standard output (say, using printf() ).  First thing to do: print the Content-type.  The server sends this document to the client (browser). CGI Environment 23
Many languages offer libraries for CGI programming. These libraries take care of tedious tasks, such as accessing the environment variables and decoding QUERY_STRING. Always look for, and use libraries for CGI. Libraries for CGI 24
 Independent of a programming language  Isolation of processes. CGI cannot damage the server  CGI programs can get limited permissions (only for part of the Web site)  Performance: for each request a CGI script must be started as a separate process  Starting a new process is very expensive, especially on Windows.  No possibility to give other information to the server (like logging, program should write the logs in its own repository)  One time Request/Response: stateless (not just CGI, also for inline).  Ex: consider an electronic shopping cart (e-commerce): where do I maintain the shopping list? CGI advantages/disadvantages 25
 For a stateless server the client must keep the state.  In a browser: this could be done with Javascript, Java, etc.  In Forms: “hidden” fields can be filled.  When the form is sent these fields are included.  Cumulative information (like shopping card) could be stored in this way.  Problem: when the user “returns” (with the BACK key) or enters the URL directly in the browser the field gets lost. Not bad when each user wants to keep multiple workflows simultaneously.  If GET is used, it is also possible to put extra information in the URL if no form is present.  Exe: Find a website that gets parameters from the URL. Try to change the parameters and retrieve the infoprmation without navigating through the pages, e.g., zzzzz.com? picId=100&newsId=56  Keeping state in the client or URL is prone to security issues.  Other (better) solutions exist to the problem of statelessness. Client side state 26
Four steps: article selection, personal data, credit card details, confirmation. Four scripts or one script? Maintaining state. Validating input. Security. Example: order process of an online shop 27
(Reading) SQL injection. Cross site scripting. Some other security issues 28
 A more recent development.  Servlet = applet run on a server.  Servlets, in general define extensions to servers (WWW or other).  Many people know Java and its many libraries.  Java is typed.  No need to learn a new language.  Basic packages are javax.servlet and javax.servlet.http  JSP is used when only little code is included in HTML documents.  Use javax.servlet.jsp and javax.servlet.jsp.tagext.  Together JSP and servlets constitute the Web side of J2EE.  Database connecting using Java DataBase Connectivity (JDBC). Method 3: Java Servlets 29
Exe: Answer the following question: ◦ What is a keep-alive connection? Exe: List three enhances in Http 1.1 over Http 1.0 Keep-Alive Connections 30
Web servers The http protocol URLs, URIs, and URNs MIME Scripting languages ◦ Client side ◦ Server side: SSI, CGI, servlets Summary for this session 31

Recomendados

Introduction to Web Technology
Introduction to Web TechnologyIntroduction to Web Technology
Introduction to Web TechnologyAashish Jain
 
Unit 1 introduction to web programming
Unit 1 introduction to web programmingUnit 1 introduction to web programming
Unit 1 introduction to web programmingzahid7578
 
Introduction to web technology
Introduction to web technologyIntroduction to web technology
Introduction to web technologyVARSHAKUMARI49
 
HTML, CSS and XML
HTML, CSS and XMLHTML, CSS and XML
HTML, CSS and XMLAashish Jain
 
introduction to web technology
introduction to web technologyintroduction to web technology
introduction to web technologyvikram singh
 
Internet programming lecture 1
Internet programming lecture 1Internet programming lecture 1
Internet programming lecture 1Mohammed Hussein
 
introduction to Web system
introduction to Web systemintroduction to Web system
introduction to Web systemhashim102
 
Web Technology Fundamentals
Web Technology FundamentalsWeb Technology Fundamentals
Web Technology Fundamentalssunmitraeducation
 

Recomendados

Introduction to Web Technology
Introduction to Web TechnologyIntroduction to Web Technology
Introduction to Web TechnologyAashish Jain
 
Unit 1 introduction to web programming
Unit 1 introduction to web programmingUnit 1 introduction to web programming
Unit 1 introduction to web programmingzahid7578
 
Introduction to web technology
Introduction to web technologyIntroduction to web technology
Introduction to web technologyVARSHAKUMARI49
 
HTML, CSS and XML
HTML, CSS and XMLHTML, CSS and XML
HTML, CSS and XMLAashish Jain
 
introduction to web technology
introduction to web technologyintroduction to web technology
introduction to web technologyvikram singh
 
Internet programming lecture 1
Internet programming lecture 1Internet programming lecture 1
Internet programming lecture 1Mohammed Hussein
 
introduction to Web system
introduction to Web systemintroduction to Web system
introduction to Web systemhashim102
 
Web Technology Fundamentals
Web Technology FundamentalsWeb Technology Fundamentals
Web Technology Fundamentalssunmitraeducation
 
CS6501 - Internet programming
CS6501 - Internet programming CS6501 - Internet programming
CS6501 - Internet programming Karthik Venkatachalam
 
Slides 1 - Internet and Web
Slides 1 - Internet and WebSlides 1 - Internet and Web
Slides 1 - Internet and WebMassimo Callisto
 
Overview of TCP IP
Overview of TCP IPOverview of TCP IP
Overview of TCP IPuniversity of education,Lahore
 
Internet
InternetInternet
InternetGUjjar478
 
Html
HtmlHtml
Htmlkousika
 
Intro to Dynamic Web Pages
Intro to Dynamic Web PagesIntro to Dynamic Web Pages
Intro to Dynamic Web PagesJussi Pohjolainen
 
Prog db-and-web-with-html-php-and-my sql
Prog db-and-web-with-html-php-and-my sqlProg db-and-web-with-html-php-and-my sql
Prog db-and-web-with-html-php-and-my sqlAntara Sharma
 
Introduction to Web Technology
Introduction to Web TechnologyIntroduction to Web Technology
Introduction to Web TechnologyRob Bertholf
 
0 csc 3311 slide internet programming
0 csc 3311 slide internet programming0 csc 3311 slide internet programming
0 csc 3311 slide internet programmingumardanjumamaiwada
 
Lecture3 introduction towebpages
Lecture3 introduction towebpagesLecture3 introduction towebpages
Lecture3 introduction towebpagesamitpatil777
 
Internet
InternetInternet
InternetAyebazibwe Kenneth
 
Internet
InternetInternet
InternetCss Founder
 
Internet
InternetInternet
Internetjana_bhuva
 
Internet
InternetInternet
InternetBilal Maqbool ツ
 
Eba ppt rajesh
Eba ppt rajeshEba ppt rajesh
Eba ppt rajeshRajeshP153
 
Introduction to Web Architecture
Introduction to Web ArchitectureIntroduction to Web Architecture
Introduction to Web ArchitectureChamnap Chhorn
 
Web technology unit I - Part B
Web technology unit I - Part BWeb technology unit I - Part B
Web technology unit I - Part BSSN College of Engineering, Kalavakkam
 
Howthe internet
Howthe internetHowthe internet
Howthe internetBesar Limani
 
Intro. to the internet and web
Intro. to the internet and webIntro. to the internet and web
Intro. to the internet and webdofirfauzi1302
 
Web technology Unit-I Part E
Web technology Unit-I Part EWeb technology Unit-I Part E
Web technology Unit-I Part ESSN College of Engineering, Kalavakkam
 
One IOTA at a time: A Case Study of OpenURL Success Metrics
One IOTA at a time: A Case Study of OpenURL Success MetricsOne IOTA at a time: A Case Study of OpenURL Success Metrics
One IOTA at a time: A Case Study of OpenURL Success MetricsCharleston Conference
 
2
22
2Juan S
 

Más contenido relacionado

La actualidad más candente

Slides 1 - Internet and Web
Slides 1 - Internet and WebSlides 1 - Internet and Web
Slides 1 - Internet and WebMassimo Callisto
 
Prog db-and-web-with-html-php-and-my sql
Prog db-and-web-with-html-php-and-my sqlProg db-and-web-with-html-php-and-my sql
Prog db-and-web-with-html-php-and-my sqlAntara Sharma
 
Introduction to Web Technology
Introduction to Web TechnologyIntroduction to Web Technology
Introduction to Web TechnologyRob Bertholf
 
0 csc 3311 slide internet programming
0 csc 3311 slide internet programming0 csc 3311 slide internet programming
0 csc 3311 slide internet programmingumardanjumamaiwada
 
Lecture3 introduction towebpages
Lecture3 introduction towebpagesLecture3 introduction towebpages
Lecture3 introduction towebpagesamitpatil777
 
Eba ppt rajesh
Eba ppt rajeshEba ppt rajesh
Eba ppt rajeshRajeshP153
 
Introduction to Web Architecture
Introduction to Web ArchitectureIntroduction to Web Architecture
Introduction to Web ArchitectureChamnap Chhorn
 
Intro. to the internet and web
Intro. to the internet and webIntro. to the internet and web
Intro. to the internet and webdofirfauzi1302
 

La actualidad más candente (20)

CS6501 - Internet programming
CS6501 - Internet programming CS6501 - Internet programming
CS6501 - Internet programming
 
Slides 1 - Internet and Web
Slides 1 - Internet and WebSlides 1 - Internet and Web
Slides 1 - Internet and Web
 
Overview of TCP IP
Overview of TCP IPOverview of TCP IP
Overview of TCP IP
 
Internet
InternetInternet
Internet
 
Html
HtmlHtml
Html
 
Intro to Dynamic Web Pages
Intro to Dynamic Web PagesIntro to Dynamic Web Pages
Intro to Dynamic Web Pages
 
Prog db-and-web-with-html-php-and-my sql
Prog db-and-web-with-html-php-and-my sqlProg db-and-web-with-html-php-and-my sql
Prog db-and-web-with-html-php-and-my sql
 
Introduction to Web Technology
Introduction to Web TechnologyIntroduction to Web Technology
Introduction to Web Technology
 
0 csc 3311 slide internet programming
0 csc 3311 slide internet programming0 csc 3311 slide internet programming
0 csc 3311 slide internet programming
 
Lecture3 introduction towebpages
Lecture3 introduction towebpagesLecture3 introduction towebpages
Lecture3 introduction towebpages
 
Internet
InternetInternet
Internet
 
Internet
InternetInternet
Internet
 
Internet
InternetInternet
Internet
 
Internet
InternetInternet
Internet
 
Eba ppt rajesh
Eba ppt rajeshEba ppt rajesh
Eba ppt rajesh
 
Introduction to Web Architecture
Introduction to Web ArchitectureIntroduction to Web Architecture
Introduction to Web Architecture
 
Web technology unit I - Part B
Web technology unit I - Part BWeb technology unit I - Part B
Web technology unit I - Part B
 
Howthe internet
Howthe internetHowthe internet
Howthe internet
 
Intro. to the internet and web
Intro. to the internet and webIntro. to the internet and web
Intro. to the internet and web
 
Web technology Unit-I Part E
Web technology Unit-I Part EWeb technology Unit-I Part E
Web technology Unit-I Part E
 

Destacado

One IOTA at a time: A Case Study of OpenURL Success Metrics
One IOTA at a time: A Case Study of OpenURL Success MetricsOne IOTA at a time: A Case Study of OpenURL Success Metrics
One IOTA at a time: A Case Study of OpenURL Success MetricsCharleston Conference
 
What Provosts Want Librarians to Know, Beth Paul, Stetson University
What Provosts Want Librarians to Know, Beth Paul, Stetson UniversityWhat Provosts Want Librarians to Know, Beth Paul, Stetson University
What Provosts Want Librarians to Know, Beth Paul, Stetson UniversityCharleston Conference
 
Nilai-Nilai Dasar Perjuangan versi Konstitusi
Nilai-Nilai Dasar Perjuangan versi KonstitusiNilai-Nilai Dasar Perjuangan versi Konstitusi
Nilai-Nilai Dasar Perjuangan versi KonstitusiAgus Muhammad Iqro
 
NY Equity Investments PPT Deck design
NY Equity Investments PPT Deck designNY Equity Investments PPT Deck design
NY Equity Investments PPT Deck designFreelance Designer
 
Status26 Pubcon PPT deck design
Status26 Pubcon PPT deck designStatus26 Pubcon PPT deck design
Status26 Pubcon PPT deck designFreelance Designer
 
ComScore Suite PPT Deck design
ComScore Suite PPT Deck designComScore Suite PPT Deck design
ComScore Suite PPT Deck designFreelance Designer
 
Acquiring Small Press Monographs: Trends and Analyses
Acquiring Small Press Monographs: Trends and AnalysesAcquiring Small Press Monographs: Trends and Analyses
Acquiring Small Press Monographs: Trends and AnalysesCharleston Conference
 
2013 smrf-nodexl-sna-socialmedia-fr version -130320011951-phpapp01-1 2
2013 smrf-nodexl-sna-socialmedia-fr version -130320011951-phpapp01-1 22013 smrf-nodexl-sna-socialmedia-fr version -130320011951-phpapp01-1 2
2013 smrf-nodexl-sna-socialmedia-fr version -130320011951-phpapp01-1 2Cyrille P.
 
Catalogue formations altasys_conseil2013_
Catalogue formations altasys_conseil2013_Catalogue formations altasys_conseil2013_
Catalogue formations altasys_conseil2013_Novabuild
 
Diario Paka y Nacho
Diario Paka y NachoDiario Paka y Nacho
Diario Paka y Nachosofiamau
 

Destacado (20)

One IOTA at a time: A Case Study of OpenURL Success Metrics
One IOTA at a time: A Case Study of OpenURL Success MetricsOne IOTA at a time: A Case Study of OpenURL Success Metrics
One IOTA at a time: A Case Study of OpenURL Success Metrics
 
2
22
2
 
Singhanias
SinghaniasSinghanias
Singhanias
 
What Provosts Want Librarians to Know, Beth Paul, Stetson University
What Provosts Want Librarians to Know, Beth Paul, Stetson UniversityWhat Provosts Want Librarians to Know, Beth Paul, Stetson University
What Provosts Want Librarians to Know, Beth Paul, Stetson University
 
Titans (iv 2)
Titans (iv 2)Titans (iv 2)
Titans (iv 2)
 
5kount brochure booklet
5kount brochure booklet5kount brochure booklet
5kount brochure booklet
 
Ndp rekonstruksi
Ndp rekonstruksiNdp rekonstruksi
Ndp rekonstruksi
 
Hatzalah ppt deck design
Hatzalah ppt deck designHatzalah ppt deck design
Hatzalah ppt deck design
 
Nilai-Nilai Dasar Perjuangan versi Konstitusi
Nilai-Nilai Dasar Perjuangan versi KonstitusiNilai-Nilai Dasar Perjuangan versi Konstitusi
Nilai-Nilai Dasar Perjuangan versi Konstitusi
 
NY Equity Investments PPT Deck design
NY Equity Investments PPT Deck designNY Equity Investments PPT Deck design
NY Equity Investments PPT Deck design
 
Getoomi PPT Deck design
Getoomi PPT Deck designGetoomi PPT Deck design
Getoomi PPT Deck design
 
CMS presentation deck design
CMS presentation deck designCMS presentation deck design
CMS presentation deck design
 
Status26 Pubcon PPT deck design
Status26 Pubcon PPT deck designStatus26 Pubcon PPT deck design
Status26 Pubcon PPT deck design
 
Help Me See PPT Deck design
Help Me See PPT Deck designHelp Me See PPT Deck design
Help Me See PPT Deck design
 
ComScore Suite PPT Deck design
ComScore Suite PPT Deck designComScore Suite PPT Deck design
ComScore Suite PPT Deck design
 
Acquiring Small Press Monographs: Trends and Analyses
Acquiring Small Press Monographs: Trends and AnalysesAcquiring Small Press Monographs: Trends and Analyses
Acquiring Small Press Monographs: Trends and Analyses
 
Managing Journals by Committee
Managing Journals by CommitteeManaging Journals by Committee
Managing Journals by Committee
 
2013 smrf-nodexl-sna-socialmedia-fr version -130320011951-phpapp01-1 2
2013 smrf-nodexl-sna-socialmedia-fr version -130320011951-phpapp01-1 22013 smrf-nodexl-sna-socialmedia-fr version -130320011951-phpapp01-1 2
2013 smrf-nodexl-sna-socialmedia-fr version -130320011951-phpapp01-1 2
 
Catalogue formations altasys_conseil2013_
Catalogue formations altasys_conseil2013_Catalogue formations altasys_conseil2013_
Catalogue formations altasys_conseil2013_
 
Diario Paka y Nacho
Diario Paka y NachoDiario Paka y Nacho
Diario Paka y Nacho
 

Similar a Introduction to Internet Engineering Course Slides

Web Landscape - updated in Jan 2016
Web Landscape - updated in Jan 2016Web Landscape - updated in Jan 2016
Web Landscape - updated in Jan 2016Jack Zheng
 
C# and Dot Net Framework 1st & 2nd Unit.pdf
C# and Dot Net Framework 1st & 2nd Unit.pdfC# and Dot Net Framework 1st & 2nd Unit.pdf
C# and Dot Net Framework 1st & 2nd Unit.pdfMohammedAnas871930
 
Web Architecture and Technologies
Web Architecture and TechnologiesWeb Architecture and Technologies
Web Architecture and TechnologiesFulvio Corno
 
Web Technology – Web Server Setup : Chris Uriarte
Web Technology – Web Server Setup : Chris UriarteWeb Technology – Web Server Setup : Chris Uriarte
Web Technology – Web Server Setup : Chris Uriartewebhostingguy
 
Web Server-Side Programming Techniques
Web Server-Side Programming TechniquesWeb Server-Side Programming Techniques
Web Server-Side Programming Techniquesguest8899ec02
 
Web hosting presentations by hostindia.net
Web hosting presentations by hostindia.netWeb hosting presentations by hostindia.net
Web hosting presentations by hostindia.netHostin Services Pvt Ltd
 
Cloud Computing in Systems Programming Curriculum
Cloud Computing in Systems Programming CurriculumCloud Computing in Systems Programming Curriculum
Cloud Computing in Systems Programming CurriculumSteven Miller
 
Lecture 1- Introduction to Computers and the Internet.pptx
Lecture 1- Introduction to Computers and the Internet.pptxLecture 1- Introduction to Computers and the Internet.pptx
Lecture 1- Introduction to Computers and the Internet.pptxRemyaTom2
 
Web technologies lesson 1
Web technologies lesson 1Web technologies lesson 1
Web technologies lesson 1nhepner
 
introduction_to_web_technology.pdf
introduction_to_web_technology.pdfintroduction_to_web_technology.pdf
introduction_to_web_technology.pdfVishwanathBurkpalli
 

Similar a Introduction to Internet Engineering Course Slides (20)

introduction to web application development
introduction to web application developmentintroduction to web application development
introduction to web application development
 
Webtechnologies
Webtechnologies Webtechnologies
Webtechnologies
 
dotNET_Overview.pdf
dotNET_Overview.pdfdotNET_Overview.pdf
dotNET_Overview.pdf
 
unit1 part 1 sem4 php.docx
unit1 part 1 sem4 php.docxunit1 part 1 sem4 php.docx
unit1 part 1 sem4 php.docx
 
WP Chap 1 & 2.pptx
WP Chap 1 & 2.pptxWP Chap 1 & 2.pptx
WP Chap 1 & 2.pptx
 
Web Landscape - updated in Jan 2016
Web Landscape - updated in Jan 2016Web Landscape - updated in Jan 2016
Web Landscape - updated in Jan 2016
 
C# and Dot Net Framework 1st & 2nd Unit.pdf
C# and Dot Net Framework 1st & 2nd Unit.pdfC# and Dot Net Framework 1st & 2nd Unit.pdf
C# and Dot Net Framework 1st & 2nd Unit.pdf
 
Web Architecture and Technologies
Web Architecture and TechnologiesWeb Architecture and Technologies
Web Architecture and Technologies
 
Web Technology – Web Server Setup : Chris Uriarte
Web Technology – Web Server Setup : Chris UriarteWeb Technology – Web Server Setup : Chris Uriarte
Web Technology – Web Server Setup : Chris Uriarte
 
Webdevelopment
WebdevelopmentWebdevelopment
Webdevelopment
 
Web Server-Side Programming Techniques
Web Server-Side Programming TechniquesWeb Server-Side Programming Techniques
Web Server-Side Programming Techniques
 
Web hosting presentations by hostindia.net
Web hosting presentations by hostindia.netWeb hosting presentations by hostindia.net
Web hosting presentations by hostindia.net
 
20CS2008 Computer Networks
20CS2008 Computer Networks 20CS2008 Computer Networks
20CS2008 Computer Networks
 
Web Browsers.pptx
Web Browsers.pptxWeb Browsers.pptx
Web Browsers.pptx
 
Cloud Computing in Systems Programming Curriculum
Cloud Computing in Systems Programming CurriculumCloud Computing in Systems Programming Curriculum
Cloud Computing in Systems Programming Curriculum
 
web server
web serverweb server
web server
 
Lecture 1- Introduction to Computers and the Internet.pptx
Lecture 1- Introduction to Computers and the Internet.pptxLecture 1- Introduction to Computers and the Internet.pptx
Lecture 1- Introduction to Computers and the Internet.pptx
 
Chapter_2_v8.3.pptx
Chapter_2_v8.3.pptxChapter_2_v8.3.pptx
Chapter_2_v8.3.pptx
 
Web technologies lesson 1
Web technologies lesson 1Web technologies lesson 1
Web technologies lesson 1
 
introduction_to_web_technology.pdf
introduction_to_web_technology.pdfintroduction_to_web_technology.pdf
introduction_to_web_technology.pdf
 

Último

Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 

Último (20)

Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 

Introduction to Internet Engineering Course Slides

  • 1. 1-Introduction 2/2 Internet Engineering Course University of Tehran Abbas Nayebi These slides are based on the presentation files provided by Lennart Herlaar, Utrecht University, the Netherlands (http://www.cs.uu.nl/people/lennart) 1
  • 2. Internet prog. Environment characteristics Client/server architecture Protocols Addressing under IP Names versus numbers IP Packet, TCP WWW: Document Formats, Markup, HTML, Browsers Summary of the last session 2
  • 3. Web servers The http protocol URLs, URIs, and URNs MIME Scripting languages ◦ Client side ◦ Server side: SSI, CGI, servlets Summary for this session 3
  • 4. Specialized program for handling document requests and executing scripts and programs (written in PHP, Perl, Java (JSP), ASP, ...).  Javascript, HTML and CSS are handled by the browser (the client).  Several servers exist: Apache (52%), Microsoft’s IIS (33%), and IIS’s smaller brother PWS.  Number of servers used to double about every half year, but...  Browser communicates request to server via port numbers (usually 80).  Other numbers are possible: http://knor.glob.nl:810/index.html  Apache’s Tomcat supports servlets, Java programs which extend the capabilities of a server. Tomcat works on port 8080 alongside another server.  Internet applications can be programmed without using Web servers: set up your own protocols and use sockets.  Webservers can be clients of a database server: three-tier organization. Web servers 4
  • 5.  Possible requests to a web server: ◦ GET – retrieve document ◦ HEAD – retrieve the head of the document ◦ POST – execute the document, using enclosed data ◦ PUT – replace document with enclosed data ◦ DELETE – delete the document  Most used are GET and POST.  Other information passed along with request ◦ a list of acceptable mime types, ◦ e.g. Accept: text/* and Accept: image/gif ◦ For caching: If-Modified-since: date ◦ parameters for server side scripts  GET, DELETE and HEAD do not have message bodies. The http protocol 5
  • 6. A status line: 200 OK, 404 File not found,.... Retrieval date and various header fields A blank line Hopefully the requested body of text, if any The return of the http protocol 6
  • 7. URI = Uniform Resource Identifier which generalizes URL  A grammar for Uniform Resource Locators (URLs) ◦ url ::= scheme address ◦ scheme ::= http:// | ftp:// | mailto: | file:// |... ◦ address ::= full-domain-name/path-to-document[#anchor] ◦ full-domain-name ::= host.domainname[:portnr] ◦ domainname ::= domain . domainname | domain ◦ domain ::= string-without-whitespace-and-{; : &} ◦ path-to-document ::= /-separated-strings-without-whitespace-and-{; : &}  Spaces in filenames should be coded as %20 (ASCII in hexadecimal).  If no html filename is given for the http protocol, the file index.html, index.php or index.htm may be used (this depends on the server, though).  URN: Uniform Resource Name  Example: ◦ URL http://www.pierobon.org/iis/review1.htm ◦ URN www.pierobon.org/iis/review1.htm#one ◦ URI http://www.pierobon.org/iis/review1.htm.html#one URLs, URIs, and URNs 7
  • 8. How does a browser know what kind of file it is retrieving?  A GIF file is displayed differently from a HTML or PDF file.  For some types, like PDF, a separate helper application must be started.  Sometimes a plug-in or filter is available, e.g. Macromedia Flash or some to-HTML converter.  Would be nice to automatically start the right one.  The same problem occurred with attachments to e-mail.  Here Multipurpose Internet Mail Extensions (MIME) were developed.  A MIME specificiation is type/subtype.  Common examples are text/html, text/plain, image/jpeg, image/gif, audio/x-realaudio and application/x-shockwave-flash.  Experimental MIME types are of the form type/x-subtype  When a MIME type is not present, the extension is usually the deciding factor. MIME 8
  • 9. WWW for dummies: use elaborate tools to construct large websites  Little programming involved, just plug and play.  We don’t want to make fancy/professional websites. We try to capture the concepts and make a dependable knowledge for web programming.  You may use drawing tools like Gimp, Photoshop, CoolEdit and the like for making sounds, pictures, banners, icons and movies.  You may not use web authoring tools like Macromedia Dreamweaver, Microsoft Frontpage, Adobe PageMill,....  What is allowed depends on the assignment: notepad++, PHP Ed, Eclipse, …  Documentation about the tools you use: include it.  Of course, in real life you should use tools wherever applicable, but whatever you do: make sure the result is maintainable. Authoring tools 9
  • 10.  Inthis course, we program the Internet using the Web.  Question: why develop for the Web?  Possible answers: ◦ Browser handles displaying ◦ “Everybody” has a browser ◦ Servers handle large parts of the transmission details ◦ Database servers do much of the rest  Software maintenance/upgrade problems in a large organization.  Security issues: client program keeps a password to connect to the database server.  A lot of work has been done. Why not use it? Why use the Web? 10
  • 11.  Invent your own protocol  Write your own server  Write client programs for as many platforms as you can  Try to get client and server software at the right places  Examples: (s)ftp, MSN, BitTorrent (peer-to-peer), MMORPG (Massively multiplayer online role-playing game)  The main problem is to get the proper software in the proper places.  People have to download your client software and install it on their local (home) computers  Your server software must be installed e.g. at Internet Service Provider computers. Making your own Internet applications 11
  • 12.  Used to make web sites dynamic.  A fully dynamic website could be called a web application.  Scripting languages exist on both the client side and the server side.  Client side scripts are executed by the browser. ◦ These are used mainly to overcome shortcomings in the protocol / presentation (!). ◦ Dynamic HTML ◦ Examples are: JavaScript (and Java Applets to a lesser extent).  Server side scripts are executed by the webserver.  Several means of integration exist.  Examples of languages are: PHP, Perl, Python, C++, ASP. On scripting languages 12
  • 13. Some executables codes transferred to the browser for execution. Now a days, are not appreciated generally Some technologies: ◦ Java Applets (executed on a VM, secured by a sandbox, multi-platform) ◦ Microsoft ActiveX (executed natively, dangerous !, single-OS, single-browser) Both of them can be signed digitally ◦ Normally, looser security rules are applied to the signed applets. Client side executables 13
  • 14. Interpreted languages No (insistence on) declarations Run-time typing Exceptions exist Libraries for accessing various databases Regular expressions Easy reporting/printing Many libraries available General aspects of scripting languages 14
  • 15.  Most server side scripting languages use the one-page-at-a -time philosophy: they process an scripted page.  On request, a webserver can execute a program (CGI). The program generates the whole page.  Or replace inline code by its output (PHP).  The result is usually an HTML file which is returned to the client.  Input to server side scripts is usually a form.  ”Running a web application” usually consists of a long string of script incarnations.  Page based (in form of page) ping ponging of data between client and server.  Form, submit, form, submit, form, submit, etc.  Page based requests generate lots of overhead.  Lack of state generates lots of overhead (and security issues!). Server side scripting 15
  • 16. Communication between client and server (and vice versa) ◦ HTTP, HTMLx ◦ Forms, parameters Communication between server and script (and vice versa) ◦ Inline, CGI, servlets ◦ Direct, standard input/output, environment Communication between script and database (and vice versa) ◦ SQL, resultset Interesting parts of server side scripting 16
  • 17.  Snippets of program scattered through HTML.  Executed from top to bottom.  Results embedded into the returned document by web server.  Examples ◦ Server Side Includes (SSI) ◦ PHP mainly uses inline, i.e., within HTML between <?php and ?>. ◦ Java Server Pages. ◦ Active Server Pages (used with VBScript or Javascript)  Often used when only small parts of the document are computations.  Thin separation between code and presentation  Code becomes quickly unreadable.  Solutions to this problem exist (templates). Method 1: Inlining code into a document 17
  • 18.  HTML files may include preprocessing directives.  HTML recognized by extension (e.g., shtml) or having exec flag on.  Server parses HTML files and executes directives.  General form: ◦ <!--#element attribute=value attribute=value ... -->  Variables can be used as well, and #if directives. Server Side Includes 18
  • 19.  A protocol for web browsers to interface with applications via a webserver.  Mainly used for running programs on the server (with certain permissions)  Identifiable by reference to file in special directory .../cgi- bin/xxxx or file extension.  Parameters are passed to it.  Result is usually a HTML document which is sent to the client.  Perl, Python or shell scripts are often used in this fashion.  But all languages are possible, even C++.  There are slight differences between CGI executing and ordinary execution of programs.  CGI is deprecated now. Method 2: Common Gateway Interface 19
  • 20.  Client (browser) sends a request to the server by TCP/IP (socket)  We focus here on the commands GET, HEAD, POST, PUT  GET = give a document  HEAD = give only the header of document (email/news header)  POST = send the contents of a form (upload form data)  PUT = upload of a file  For CGI mostly GET or POST  The request line will be followed by 0 or more headers and an empty line  with POST/PUT followed by a body (contents of form and/or file) HTTP requests 20
  • 21. The URL used for this request was: http://sunshine.cs.uu.nl:8000/docs/vakken /inp/dwarf.html?M=November&Y=2004 The body was empty Example request 21
  • 22. With GET the contents of the form, or a parameter is given as part of the URL (URL=cgi-bin/xxx?parameters)  Special characters are given in hex.  With POST the contents of the form is given as the body of the request.  The server puts all relevant information in environment variables  The body (POST) is given to the standard input of the script.  Hence, scripts reacting to a POST should read from standard input.  The server does not indicate end-of-file (length field in the headers)  In most cases, a special CGI module makes access to these information transparent. GET versus POST 22
  • 23. Important environment variables: ◦ QUERY_STRING: The query (the part after ? in the URL). Usually a series of the form field=value, separated by &. ◦ CONTENT_LENGTH length of the data (POST) ◦ CONTENT_TYPE type of the data (MIME)  Not all of the normal environment is sent along: the server filters it.  Test your program by faking the parameters (environment variables) and running it from the prompt.  The CGI program should give a correct document (with header and data) on standard output (say, using printf() ).  First thing to do: print the Content-type.  The server sends this document to the client (browser). CGI Environment 23
  • 24. Many languages offer libraries for CGI programming. These libraries take care of tedious tasks, such as accessing the environment variables and decoding QUERY_STRING. Always look for, and use libraries for CGI. Libraries for CGI 24
  • 25. Independent of a programming language  Isolation of processes. CGI cannot damage the server  CGI programs can get limited permissions (only for part of the Web site)  Performance: for each request a CGI script must be started as a separate process  Starting a new process is very expensive, especially on Windows.  No possibility to give other information to the server (like logging, program should write the logs in its own repository)  One time Request/Response: stateless (not just CGI, also for inline).  Ex: consider an electronic shopping cart (e-commerce): where do I maintain the shopping list? CGI advantages/disadvantages 25
  • 26. For a stateless server the client must keep the state.  In a browser: this could be done with Javascript, Java, etc.  In Forms: “hidden” fields can be filled.  When the form is sent these fields are included.  Cumulative information (like shopping card) could be stored in this way.  Problem: when the user “returns” (with the BACK key) or enters the URL directly in the browser the field gets lost. Not bad when each user wants to keep multiple workflows simultaneously.  If GET is used, it is also possible to put extra information in the URL if no form is present.  Exe: Find a website that gets parameters from the URL. Try to change the parameters and retrieve the infoprmation without navigating through the pages, e.g., zzzzz.com? picId=100&newsId=56  Keeping state in the client or URL is prone to security issues.  Other (better) solutions exist to the problem of statelessness. Client side state 26
  • 27. Four steps: article selection, personal data, credit card details, confirmation. Four scripts or one script? Maintaining state. Validating input. Security. Example: order process of an online shop 27
  • 28. (Reading) SQL injection. Cross site scripting. Some other security issues 28
  • 29.  A more recent development.  Servlet = applet run on a server.  Servlets, in general define extensions to servers (WWW or other).  Many people know Java and its many libraries.  Java is typed.  No need to learn a new language.  Basic packages are javax.servlet and javax.servlet.http  JSP is used when only little code is included in HTML documents.  Use javax.servlet.jsp and javax.servlet.jsp.tagext.  Together JSP and servlets constitute the Web side of J2EE.  Database connecting using Java DataBase Connectivity (JDBC). Method 3: Java Servlets 29
  • 30. Exe: Answer the following question: ◦ What is a keep-alive connection? Exe: List three enhances in Http 1.1 over Http 1.0 Keep-Alive Connections 30
  • 31. Web servers The http protocol URLs, URIs, and URNs MIME Scripting languages ◦ Client side ◦ Server side: SSI, CGI, servlets Summary for this session 31

Notas del editor

  1. Ex5: Connect to a web server using the telnet command: C:\\&gt;telnet www.google.com 80 GET / HTTP/1.0 HOST:www.google.com &lt;blank line&gt;
  2. The sandbox is a set of rules that are used when creating an applet that prevents certain functions when the applet is sent as part of a Web page
  3. CGI=Common Gateway Interface is a standard protocol that defines how webserver software can delegate the generation of webpages to a console application
  4. Text in a pre element is displayed in a fixed-width font, and it preserves both spaces and line breaks. Useful for code samples.
  5. http://www.tehran.ir/Default.aspx?tabid=536 … 537