SlideShare una empresa de Scribd logo

Web Architectures - Web Technologies (1019888BNR)

Beat Signer
Beat Signer

This lecture is part of a Web Technologies course given at the Vrije Universiteit Brussel

Educación
1 de 38
Descargar para leer sin conexión
2 December 2005 Web Technologies Web Architectures Prof. Beat Signer Department of Computer Science Vrije Universiteit Brussel http://www.beatsigner.com
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 2October 6, 2017 Basic Client-Server Web Architecture  Effect of typing http://www.vub.ac.be in the broswer bar (1) use a Domain Name Service (DNS) to get the IP address for www.vub.ac.be (answer 134.184.129.2) (2) create a TCP connection to 134.184.129.2 (3) send an HTTP request message over the TCP connection (4) visualise the received HTTP response message in the browser Internet Client Server HTTP Request HTTP Response
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 3October 6, 2017 Web Server  Tasks of a web server (1) setup connection (2) receive and process HTTP request (3) fetch resource (4) create and send HTTP response (5) logging  The most prominent web servers are the Apache HTTP Server and Microsoft's Internet Information Services (IIS)  A lot of devices have an embedded web server  printers, WLAN routers, TVs, ... Worldwide Web Servers, http://news.netcraft.com
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 4October 6, 2017 Example HTTP Request Message GET / HTTP/1.1 Host: www.vub.ac.be User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-gb,en;q=0.5 Accept-Encoding: gzip, deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Connection: keep-alive
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 5October 6, 2017 Example HTTP Response Message HTTP/1.1 200 OK Date: Thu, 03 Oct 2013 17:02:19 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.15 Content-Language: nl Set-Cookie: lang=nl; path=/; domain=.vub.ac.be; expires=Mon, 18-Sep-2073 17:02:16 GMT Content-Type: text/html; charset=utf-8 Keep-Alive: timeout=15, max=987 Connection: Keep-Alive Transfer-Encoding: chunked <!DOCTYPE html> <html lang="nl" dir="ltr"> <head> ... <title>Vrije Universiteit Brussel | Redelijk eigenzinnig</title> <meta name="Description" content="Welkom aan de VUB" /> ... </html>
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 6October 6, 2017 HTTP Protocol  Request/response communication model  HTTP Request  HTTP Response  Communication always has to be initiated by the client  Stateless protocol (no sessions)  HTTP can be used on top of various reliable protocols  TCP is by far the most commonly used one  runs on TCP port 80 by default  Latest version: HTTP/2.0 (May 2015)  HTTPS scheme used for encrypted connections
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 7October 6, 2017 Uniform Resource Identifier (URI)  A Uniform Resource Identifier (URI) uniquely identifies a resource  There are two types of URIs  Uniform Resource Locator (URL) - contains information about the exact location of a resource - consists of a scheme, a host and the path (resource name) - e.g. https://vub.academia.edu/BeatSigner - problem: the URL changes if resource is moved! • idea of Persistent Uniform Resource Locators (PURLs) [https://purl.oclc.org]  Uniform Resource Name (URN) - unique and location independent name for a resource - consists of a scheme name, a namespace identifier and a namespace-specific string (separated by colons) - e.g. urn:ISBN:3837027139
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 8October 6, 2017 HTTP Message Format  Request and response messages have the same format <html> ... </html> HTTP/1.1 200 OK Date: Thu, 03 Oct 2013 17:02:19 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.15 Transfer-Encoding: chunked Content-Type: text/html header field(s) blank line (CRLF) message body (optional) start line HTTP_message = start_line , {header} , "CRLF" , {body};
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 9October 6, 2017 HTTP Request Message  Request-specific start line  Methods  GET : get a resource from the server  HEAD : get the header only (no body)  POST : send data (in the body) to the server  PUT : store request body on server  TRACE : get the "final" request (after it has potentially been modified by proxies)  OPTIONS : get a list of methods supported by the server  DELETE: delete a resource on the server start_line = method, " " , resource , " " , version; method = "GET" , "HEAD" , "POST" , "PUT" , "TRACE" , "OPTIONS" , "DELETE"; resource = complete_URL | path; version = "HTTP/" , major_version, "." , minor_version;
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 10October 6, 2017 HTTP Response Message  Response-specific start line  Status codes  100-199 : informational  200-299 : success (e.g. 200 for 'OK')  300-399 : redirection  400-499 : client error (e.g. 404 for 'Not Found')  500-599 : server error (e.g. 503 for 'Service Unavailable') start_line = version , status_code , reason; version = "HTTP/" , major_version, "." , minor_version; status_code = digit , digit , digit; reason = string_phrase;
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 11October 6, 2017 HTTP Header Fields  There exist general headers (for requests and responses), request headers, response headers, entity headers and extension headers  Some important headers  Accept - request header definining the Media Type that the client will accept • formerly known as Multipurpose Internet Mail Extensions (MIME type)  User-Agent - request header specifying the type of client  Keep-Alive (HTTP/1.0) and Persistent (HTTP/1.1) - general header helping to improve the performance since otherwise a new HTTP connection has to be established for every single webpage element  Content-Type - entity header specifing the body's MIME type
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 12October 6, 2017 HTTP Header Fields ...  Some important headers ...  If-Modified-Since - request header that is used in combination with a GET request (conditional GET); the resource is only returned if it has been modified since the specified date
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 13October 6, 2017 Media Types  The Media Type defines the request or response body's content (used for appropiate processing)  7 top-level media types  Standard Media Types are registered with the Internet Assigned Numbers Authority (IANA) [RFC-6838] mediaType = toplevel_type , "/" , subtype; Media Type Description text/plain Human-readable text without formatting information text/html HTML document image/jpeg JPEG-encoded image ... ...
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 14October 6, 2017 HTTP Message Information  Various tools for HTTP message logging  e.g. HttpFox add-on for Firefox browser  Simple telnet connection  Until 1999 the W3C has been working on HTTP Next Generation (HTTP-NG) as a replacement for HTTP/1.1  never introduced  recently HTTP/2.0 has been released - inspired by Goggle’s development of SPDY telnet wise.vub.ac.be 80 (press Enter) GET /beat-signer HTTP/1.1 (press Enter) Host: wise.vub.ac.be (press Enter 2 times)
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 15October 6, 2017 Proxies  A web proxy is situated between the client and the server  acts as a server to the client and as a client to the server  can for example be specified in the browser settings; used for - firewalls and content filters - transcoding (on the fly transformation of HTTP message body) - content router (e.g. select optimal server in content distribution networks) - anonymous browsing, ... Internet Client Server Proxy
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 16October 6, 2017 Caches  A proxy cache is a special type of proxy server  can reduce server load if multiple clients share the same cache  often multi-level hierarchies of caches (e.g. continent, country and regional level) with communication between sibling and parent caches as defined by the Internet Cache Protocol (ICP)  passive or active (prefetching) caches Internet Client 1 ServerProxy Cache Client 2 1 2 12
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 17October 6, 2017 Caches ...  Special HTTP cache control header fields  Expires - expiration date after which the cached resource has to be refetched  Cache-Control: max-age - maximum age of a document (in seconds) after it has been added to the cache  Cache-Control: no-cache - response cannot be directly served from the cache (has to be revalidated first)  ...  Validators  Last-modified time as validator - cache with resource that has been last modified at time t uses an If-Modified-Since t request for updates  Entity tags (ETag) - changed by the publisher if content has changed; If-None-Match etag request
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 18October 6, 2017 Caches ...  Advantages  reduces latency and used network bandwidth  reduces server load (client and reverse proxy caches)  transparent to client and server  Disadvantages  additional resources (hardware) required  might get stale data out of the cache  creates additional network traffic if we use an active caching approach (prefetching) but achieve a low cache hit rate  server loses control (e.g. access statistics) since no longer all requests have to be sent to the server
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 19October 6, 2017 Tunnels  Implement one protocol on top of another protocol  e.g. HTTP as a carrier for SSL connections  Often used to "open" a firewall to protocols that would otherwise be blocked  e.g. tunneling of SSL connections through an open HTTP port Internet SSL Client SSL Server SSL HTTP SSL HTTP[SSL] HTTP[SSL]
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 20October 6, 2017 Gateways  A gateway can act as a kind of "glue" between applications (client) and resources (server)  translate between two protocols (e.g. from HTTP to FTP)  security accelerator (e.g. HTTPS/HTTP on the server side)  often the gateway and destination server are combined in a single application server (HTTP to server application translator) Internet HTTP Client FTP Server HTTP/FTP Gateway HTTP FTP
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 21October 6, 2017 Session Management  HTTP is a stateless protocol  Session (state) tracking solutions  use of IP address - problem: IP address is often not uniquely assigned to a single user  browser login - use of special HTTP authenticate headers - after a login the browser sends the user information in each request  URL rewriting - add information to the URL in each request  hidden form fields - similar to URL rewriting but information can also be in body (POST request)  cookies - the server stores a piece of information on the client which is then sent back to the server with each request
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 22October 6, 2017 Cookies  Introduced by Netscape in June 1994  A cookie is a piece of information that is assigned to a client on their first visit  list of <key,value> pairs  often just a unique identifier  sent via Set-Cookie or Set-Cookie2 HTTP response headers  Browser stores the information in a "cookie database" and sends it back every time the same server is accessed  Potential privacy issues  third-party websites might use persistent cookies for user tracking  Cookies can be disabled in the browser settings
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 23October 6, 2017 Hypertext Markup Language (HTML)  Dominant markup language for webpages  If you never heard about HTML have a look at  http://www.w3schools.com/html/  More details in the exercise and in the next lecture <!DOCTYPE html> <html lang="en"> <head> <title>Beat Signer: Interactive Paper, PaperWorks, Paper++, ...</title> </head> <body> Beat Signer is Associate Professor of Computer Science at the VUB and co-director of the WISE laboratory ... </body> </html>
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 24October 6, 2017 Dynamic Web Content  Often it is not enough to serve static web pages but content should be changed on the client or server side  Server-side processing  Common Gateway Interface (CGI)  Java Servlets  JavaServer Pages (JSP)  PHP: Hypertext Preprocessor (PHP)  ...  Client-side processing  JavaScript  Java Applets  Adobe Flash  ...
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 25October 6, 2017 Common Gateway Interface (CGI)  CGI was the first server-side processing solution  transparent to the user  certain requests (e.g. /account.pl) are forwarded via CGI to a program by creating a new process  program processes the request and creates an answer with optional HTTP response headers Internet Client Server HTTP Request HTTP Response Program in Perl, Tcl, C, C++, Java, .. HTML Pages CGI
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 26October 6, 2017 Common Gateway Interface (CGI) ...  CGI Problems  a new process has to be started for each request  if the CGI program for example acts as a gateway to a database, a new DB connection has to be established for each request which results in a very poor performance  FastCGI solves some of the problems by introducing persistent processes and process pools  CGI/FastCGI becomes more and more replaced by other technologies (e.g. Java Servlets)
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 27October 6, 2017 Java Servlets  A Java servlet is a Java class that has to extend the abstract HTTPServlet class  The Java servlet class is loaded by a servlet container and relevant requests (based on a servlet binding) are forwarded to the servlet instance for further processing Internet Client Server HTTP Request HTTP Response HTML Pages Servlet Container Servlets
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 28October 6, 2017 Java Servlets ...  Main HttpServlet methods  Servlet life cycle  a servlet is initialised once via the init() method  the doGet(), doPost() methods may be executed multiple times (by different HTTP requests)  finally the servlet container may unload a servlet (upcall of the destroy() method before that happens)  Servlet container (e.g. Apache Tomcat) either integrated with web server or as standalone component doGet(HttpServletRequest req, HttpServletResponse resp) doPost(HttpServletRequest req, HttpServletResponse resp) init(ServletConfig config) destroy()
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 29October 6, 2017 Java Servlet Example  In the exercise you will learn how to process parameters etc. package org.vub.wise; import java.io.*; import java.util.Date; import javax.servlet.http.*; import javax.servlet.*; public class HelloWorldServlet extends HttpServlet { public void doGet (HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { PrintWriter out = res.getWriter(); out.println("<html>"); out.println("<head><title>Hello World</title></head>"); out.println("<body>The time is " + new Date().toString() + "</body>"); out.println("</html>"); out.close(); } }
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 30October 6, 2017 JavaServer Pages (JSP)  A "drawback" of Java servlets is that the whole page (e.g. HTML) has to be defined within the servlet  not easy to share tasks between web designer and programmer  Add program code through scriptlets and markup to existing HTML pages  These JSP documents are then either interpreted on the fly (Apache Tomcat) or compiled into Java servlets  The JSP approach is similar to PHP or Active Server Pages (ASP)  Note that Java Servlets become more and more an enabling technology (as with JSP)
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 31October 6, 2017 JavaScript  Interpreted scripting language for client-side processing  JavaScript functionality often embedded in HTML documents but can also be provided in separate files  JavaScript often used to  validate data (e.g. in a form)  dynamically add content to a webpage  process events (onLoad, onFocus, etc.)  change parts of the original HTML document  create cookies  ...  Note: Java and JavaScript are completely different languages!
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 32October 6, 2017 JavaScript Example  More details about JavaScript in lecture 6 and in the exercise session <html> <body> <script type="text/javascript"> document.write("<h1>Hello World!</h1>"); </script> </body> </html>
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 33October 6, 2017 Java Applets  A Java applet is a program delivered to the client side in the form of Java bytecode  executed in the browser using a Java Virtual Machine (JVM)  an applet has to extend the Applet or JApplet class  runs in the sandbox  Advantages  the user automatically always has the most recent version  high security for untrusted applets  full Java API available  Disadvantages  requires a browser Java plug-in
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 34October 6, 2017 Java Applets ...  Disadvantages ...  only signed applets can get more advanced functionality - e.g. network connections to other machines than the source machine  More recently Java Web Start (JavaWS) is replacing Java Applets  program no longer runs within the browser - less problematic security restrictions - less browser compatibility issues  Math and Physics Applet Examples  http://www.falstad.com/mathphysics.html
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 35October 6, 2017 Exercise 2  Hands-on experience with the HTTP protocol
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 36October 6, 2017 References  David Gourley et al., HTTP: The Definitive Guide, O'Reilly Media, September 2002  R. Fielding et al., RFC2616 - Hypertext Transfer Protocol - HTTP/1.1  http://www.faqs.org/rfcs/rfc2616.html  N. Freed et al., RFC6838 - Media Type Specifications and Registration Procedures  http://www.faqs.org/rfcs/rfc6838.html  HTML and JavaScript Tutorials  http://www.w3schools.com
Beat Signer - Department of Computer Science - bsigner@vub.ac.be 37October 6, 2017 References ...  M. Knutson, HTTP: The Hypertext Transfer Protocol (refcardz #172)  http://refcardz.dzone.com/refcardz/http-hypertext-transfer-0  W. Jason Gilmore, PHP 5.4 (refcardz #23)  http://refcardz.dzone.com/refcardz/php-54-scalable  Java Servlet Tutorial  http://www.tutorialspoint.com/servlets/
2 December 2005 Next Lecture HTML5 and the Open Web Platform

Recomendados

Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)
Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)
Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)
Beat Signer
 
Web Application Frameworks - Web Technologies (1019888BNR)
Web Application Frameworks - Web Technologies (1019888BNR)Web Application Frameworks - Web Technologies (1019888BNR)
Web Application Frameworks - Web Technologies (1019888BNR)
Beat Signer
 
Web Search - Lecture 10 - Web Information Systems (4011474FNR)
Web Search - Lecture 10 - Web Information Systems (4011474FNR)Web Search - Lecture 10 - Web Information Systems (4011474FNR)
Web Search - Lecture 10 - Web Information Systems (4011474FNR)
Beat Signer
 
HTML5 and the Open Web Platform - Web Technologies (1019888BNR)
HTML5 and the Open Web Platform - Web Technologies (1019888BNR)HTML5 and the Open Web Platform - Web Technologies (1019888BNR)
HTML5 and the Open Web Platform - Web Technologies (1019888BNR)
Beat Signer
 
HTML5 and the Open Web Platform - Lecture 03 - Web Information Systems (WE-DI...
HTML5 and the Open Web Platform - Lecture 03 - Web Information Systems (WE-DI...HTML5 and the Open Web Platform - Lecture 03 - Web Information Systems (WE-DI...
HTML5 and the Open Web Platform - Lecture 03 - Web Information Systems (WE-DI...
Beat Signer
 
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR) Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)
Beat Signer
 
JavaScript and jQuery - Web Technologies (1019888BNR)
JavaScript and jQuery - Web Technologies (1019888BNR)JavaScript and jQuery - Web Technologies (1019888BNR)
JavaScript and jQuery - Web Technologies (1019888BNR)
Beat Signer
 
Security, Privacy and Trust - Web Technologies (1019888BNR)
Security, Privacy and Trust - Web Technologies (1019888BNR)Security, Privacy and Trust - Web Technologies (1019888BNR)
Security, Privacy and Trust - Web Technologies (1019888BNR)
Beat Signer
 

Recomendados

Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)
Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)
Web Architectures - Lecture 02 - Web Information Systems (4011474FNR)
Beat Signer
 
Web Application Frameworks - Web Technologies (1019888BNR)
Web Application Frameworks - Web Technologies (1019888BNR)Web Application Frameworks - Web Technologies (1019888BNR)
Web Application Frameworks - Web Technologies (1019888BNR)
Beat Signer
 
Web Search - Lecture 10 - Web Information Systems (4011474FNR)
Web Search - Lecture 10 - Web Information Systems (4011474FNR)Web Search - Lecture 10 - Web Information Systems (4011474FNR)
Web Search - Lecture 10 - Web Information Systems (4011474FNR)
Beat Signer
 
HTML5 and the Open Web Platform - Web Technologies (1019888BNR)
HTML5 and the Open Web Platform - Web Technologies (1019888BNR)HTML5 and the Open Web Platform - Web Technologies (1019888BNR)
HTML5 and the Open Web Platform - Web Technologies (1019888BNR)
Beat Signer
 
HTML5 and the Open Web Platform - Lecture 03 - Web Information Systems (WE-DI...
HTML5 and the Open Web Platform - Lecture 03 - Web Information Systems (WE-DI...HTML5 and the Open Web Platform - Lecture 03 - Web Information Systems (WE-DI...
HTML5 and the Open Web Platform - Lecture 03 - Web Information Systems (WE-DI...
Beat Signer
 
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR) Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)
Security, Privacy and Trust - Lecture 11 - Web Information Systems (4011474FNR)
Beat Signer
 
JavaScript and jQuery - Web Technologies (1019888BNR)
JavaScript and jQuery - Web Technologies (1019888BNR)JavaScript and jQuery - Web Technologies (1019888BNR)
JavaScript and jQuery - Web Technologies (1019888BNR)
Beat Signer
 
Security, Privacy and Trust - Web Technologies (1019888BNR)
Security, Privacy and Trust - Web Technologies (1019888BNR)Security, Privacy and Trust - Web Technologies (1019888BNR)
Security, Privacy and Trust - Web Technologies (1019888BNR)
Beat Signer
 
Browser Security
Browser SecurityBrowser Security
Browser Security
Roberto Suggi Liverani
 
Introduction to HTTP
Introduction to HTTPIntroduction to HTTP
Introduction to HTTP
Seble Nigussie
 
20190516 web security-basic
20190516 web security-basic20190516 web security-basic
20190516 web security-basic
MksYi
 
Web Architecture and Technologies
Web Architecture and TechnologiesWeb Architecture and Technologies
Web Architecture and Technologies
Fulvio Corno
 
Lecture1-Introduction to Web.pptx
Lecture1-Introduction to Web.pptxLecture1-Introduction to Web.pptx
Lecture1-Introduction to Web.pptx
GIRISHKUMARBC1
 
12 core technologies you should learn, love, and hate to be a 'real' technocrat
12 core technologies you should learn, love, and hate to be a 'real' technocrat12 core technologies you should learn, love, and hate to be a 'real' technocrat
12 core technologies you should learn, love, and hate to be a 'real' technocrat
linoj
 
PHP Training: Module 1
PHP Training: Module 1PHP Training: Module 1
PHP Training: Module 1
hussulinux
 
Web Fundamentals
Web FundamentalsWeb Fundamentals
Web Fundamentals
arunv
 
World Wide Web(WWW)
World Wide Web(WWW)World Wide Web(WWW)
World Wide Web(WWW)
Pratik Tambekar
 
Spring 2007 SharePoint Connections Oleson Advanced Administration and Plannin...
Spring 2007 SharePoint Connections Oleson Advanced Administration and Plannin...Spring 2007 SharePoint Connections Oleson Advanced Administration and Plannin...
Spring 2007 SharePoint Connections Oleson Advanced Administration and Plannin...
Joel Oleson
 
How Web Browsers Work
How Web Browsers WorkHow Web Browsers Work
How Web Browsers Work
military
 
Sergey Stoyan 2016
Sergey Stoyan 2016Sergey Stoyan 2016
Sergey Stoyan 2016
Sergey Stoyan
 
Sergey Stoyan 2016
Sergey Stoyan 2016Sergey Stoyan 2016
Sergey Stoyan 2016
Sergey Stoyan
 
Browser security
Browser securityBrowser security
Browser security
Uday Anand
 
Lec 7(HTTP Protocol)
Lec 7(HTTP Protocol)Lec 7(HTTP Protocol)
Lec 7(HTTP Protocol)
maamir farooq
 
Webtechnologies
Webtechnologies Webtechnologies
Webtechnologies
-jyothish kumar sirigidi
 
Introduction to Web Programming - first course
Introduction to Web Programming - first courseIntroduction to Web Programming - first course
Introduction to Web Programming - first course
Vlad Posea
 
CSU33012-I-microservices.pdf
CSU33012-I-microservices.pdfCSU33012-I-microservices.pdf
CSU33012-I-microservices.pdf
Ricky Garg
 
Computer network (10)
Computer network (10)Computer network (10)
Computer network (10)
NYversity
 
MOSS 2007 Deployment Fundamentals -Part2
MOSS 2007 Deployment Fundamentals -Part2MOSS 2007 Deployment Fundamentals -Part2
MOSS 2007 Deployment Fundamentals -Part2
Information Technology
 
Introduction - Lecture 1 - Human-Computer Interaction (1023841ANR)
Introduction - Lecture 1 - Human-Computer Interaction (1023841ANR)Introduction - Lecture 1 - Human-Computer Interaction (1023841ANR)
Introduction - Lecture 1 - Human-Computer Interaction (1023841ANR)
Beat Signer
 
Indoor Positioning Using the OpenHPS Framework
Indoor Positioning Using the OpenHPS FrameworkIndoor Positioning Using the OpenHPS Framework
Indoor Positioning Using the OpenHPS Framework
Beat Signer
 

Más contenido relacionado

Similar a Web Architectures - Web Technologies (1019888BNR)

Introduction to Web Programming - first course
Introduction to Web Programming - first courseIntroduction to Web Programming - first course
Introduction to Web Programming - first course
Vlad Posea
 
CSU33012-I-microservices.pdf
CSU33012-I-microservices.pdfCSU33012-I-microservices.pdf
CSU33012-I-microservices.pdf
Ricky Garg
 
Computer network (10)
Computer network (10)Computer network (10)
Computer network (10)
NYversity
 
MOSS 2007 Deployment Fundamentals -Part2
MOSS 2007 Deployment Fundamentals -Part2MOSS 2007 Deployment Fundamentals -Part2
MOSS 2007 Deployment Fundamentals -Part2
Information Technology
 

Similar a Web Architectures - Web Technologies (1019888BNR) (20)

Browser Security
Browser SecurityBrowser Security
Browser Security
 
Introduction to HTTP
Introduction to HTTPIntroduction to HTTP
Introduction to HTTP
 
20190516 web security-basic
20190516 web security-basic20190516 web security-basic
20190516 web security-basic
 
Web Architecture and Technologies
Web Architecture and TechnologiesWeb Architecture and Technologies
Web Architecture and Technologies
 
Lecture1-Introduction to Web.pptx
Lecture1-Introduction to Web.pptxLecture1-Introduction to Web.pptx
Lecture1-Introduction to Web.pptx
 
12 core technologies you should learn, love, and hate to be a 'real' technocrat
12 core technologies you should learn, love, and hate to be a 'real' technocrat12 core technologies you should learn, love, and hate to be a 'real' technocrat
12 core technologies you should learn, love, and hate to be a 'real' technocrat
 
PHP Training: Module 1
PHP Training: Module 1PHP Training: Module 1
PHP Training: Module 1
 
Web Fundamentals
Web FundamentalsWeb Fundamentals
Web Fundamentals
 
World Wide Web(WWW)
World Wide Web(WWW)World Wide Web(WWW)
World Wide Web(WWW)
 
Spring 2007 SharePoint Connections Oleson Advanced Administration and Plannin...
Spring 2007 SharePoint Connections Oleson Advanced Administration and Plannin...Spring 2007 SharePoint Connections Oleson Advanced Administration and Plannin...
Spring 2007 SharePoint Connections Oleson Advanced Administration and Plannin...
 
How Web Browsers Work
How Web Browsers WorkHow Web Browsers Work
How Web Browsers Work
 
Sergey Stoyan 2016
Sergey Stoyan 2016Sergey Stoyan 2016
Sergey Stoyan 2016
 
Sergey Stoyan 2016
Sergey Stoyan 2016Sergey Stoyan 2016
Sergey Stoyan 2016
 
Browser security
Browser securityBrowser security
Browser security
 
Lec 7(HTTP Protocol)
Lec 7(HTTP Protocol)Lec 7(HTTP Protocol)
Lec 7(HTTP Protocol)
 
Webtechnologies
Webtechnologies Webtechnologies
Webtechnologies
 
Introduction to Web Programming - first course
Introduction to Web Programming - first courseIntroduction to Web Programming - first course
Introduction to Web Programming - first course
 
CSU33012-I-microservices.pdf
CSU33012-I-microservices.pdfCSU33012-I-microservices.pdf
CSU33012-I-microservices.pdf
 
Computer network (10)
Computer network (10)Computer network (10)
Computer network (10)
 
MOSS 2007 Deployment Fundamentals -Part2
MOSS 2007 Deployment Fundamentals -Part2MOSS 2007 Deployment Fundamentals -Part2
MOSS 2007 Deployment Fundamentals -Part2
 

Más de Beat Signer

Indoor Positioning Using the OpenHPS Framework
Indoor Positioning Using the OpenHPS FrameworkIndoor Positioning Using the OpenHPS Framework
Indoor Positioning Using the OpenHPS Framework
Beat Signer
 
Personalised Learning Environments Based on Knowledge Graphs and the Zone of ...
Personalised Learning Environments Based on Knowledge Graphs and the Zone of ...Personalised Learning Environments Based on Knowledge Graphs and the Zone of ...
Personalised Learning Environments Based on Knowledge Graphs and the Zone of ...
Beat Signer
 
Codeschool in a Box: A Low-Barrier Approach to Packaging Programming Curricula
Codeschool in a Box: A Low-Barrier Approach to Packaging Programming CurriculaCodeschool in a Box: A Low-Barrier Approach to Packaging Programming Curricula
Codeschool in a Box: A Low-Barrier Approach to Packaging Programming Curricula
Beat Signer
 
Towards a Framework for Dynamic Data Physicalisation
Towards a Framework for Dynamic Data PhysicalisationTowards a Framework for Dynamic Data Physicalisation
Towards a Framework for Dynamic Data Physicalisation
Beat Signer
 

Más de Beat Signer (20)

Introduction - Lecture 1 - Human-Computer Interaction (1023841ANR)
Introduction - Lecture 1 - Human-Computer Interaction (1023841ANR)Introduction - Lecture 1 - Human-Computer Interaction (1023841ANR)
Introduction - Lecture 1 - Human-Computer Interaction (1023841ANR)
 
Indoor Positioning Using the OpenHPS Framework
Indoor Positioning Using the OpenHPS FrameworkIndoor Positioning Using the OpenHPS Framework
Indoor Positioning Using the OpenHPS Framework
 
Personalised Learning Environments Based on Knowledge Graphs and the Zone of ...
Personalised Learning Environments Based on Knowledge Graphs and the Zone of ...Personalised Learning Environments Based on Knowledge Graphs and the Zone of ...
Personalised Learning Environments Based on Knowledge Graphs and the Zone of ...
 
Cross-Media Technologies and Applications - Future Directions for Personal In...
Cross-Media Technologies and Applications - Future Directions for Personal In...Cross-Media Technologies and Applications - Future Directions for Personal In...
Cross-Media Technologies and Applications - Future Directions for Personal In...
 
Bridging the Gap: Managing and Interacting with Information Across Media Boun...
Bridging the Gap: Managing and Interacting with Information Across Media Boun...Bridging the Gap: Managing and Interacting with Information Across Media Boun...
Bridging the Gap: Managing and Interacting with Information Across Media Boun...
 
Codeschool in a Box: A Low-Barrier Approach to Packaging Programming Curricula
Codeschool in a Box: A Low-Barrier Approach to Packaging Programming CurriculaCodeschool in a Box: A Low-Barrier Approach to Packaging Programming Curricula
Codeschool in a Box: A Low-Barrier Approach to Packaging Programming Curricula
 
The RSL Hypermedia Metamodel and Its Application in Cross-Media Solutions
The RSL Hypermedia Metamodel and Its Application in Cross-Media Solutions The RSL Hypermedia Metamodel and Its Application in Cross-Media Solutions
The RSL Hypermedia Metamodel and Its Application in Cross-Media Solutions
 
Case Studies and Course Review - Lecture 12 - Information Visualisation (4019...
Case Studies and Course Review - Lecture 12 - Information Visualisation (4019...Case Studies and Course Review - Lecture 12 - Information Visualisation (4019...
Case Studies and Course Review - Lecture 12 - Information Visualisation (4019...
 
Dashboards - Lecture 11 - Information Visualisation (4019538FNR)
Dashboards - Lecture 11 - Information Visualisation (4019538FNR)Dashboards - Lecture 11 - Information Visualisation (4019538FNR)
Dashboards - Lecture 11 - Information Visualisation (4019538FNR)
 
Interaction - Lecture 10 - Information Visualisation (4019538FNR)
Interaction - Lecture 10 - Information Visualisation (4019538FNR)Interaction - Lecture 10 - Information Visualisation (4019538FNR)
Interaction - Lecture 10 - Information Visualisation (4019538FNR)
 
View Manipulation and Reduction - Lecture 9 - Information Visualisation (4019...
View Manipulation and Reduction - Lecture 9 - Information Visualisation (4019...View Manipulation and Reduction - Lecture 9 - Information Visualisation (4019...
View Manipulation and Reduction - Lecture 9 - Information Visualisation (4019...
 
Visualisation Techniques - Lecture 8 - Information Visualisation (4019538FNR)
Visualisation Techniques - Lecture 8 - Information Visualisation (4019538FNR)Visualisation Techniques - Lecture 8 - Information Visualisation (4019538FNR)
Visualisation Techniques - Lecture 8 - Information Visualisation (4019538FNR)
 
Design Guidelines and Principles - Lecture 7 - Information Visualisation (401...
Design Guidelines and Principles - Lecture 7 - Information Visualisation (401...Design Guidelines and Principles - Lecture 7 - Information Visualisation (401...
Design Guidelines and Principles - Lecture 7 - Information Visualisation (401...
 
Data Processing and Visualisation Frameworks - Lecture 6 - Information Visual...
Data Processing and Visualisation Frameworks - Lecture 6 - Information Visual...Data Processing and Visualisation Frameworks - Lecture 6 - Information Visual...
Data Processing and Visualisation Frameworks - Lecture 6 - Information Visual...
 
Data Presentation - Lecture 5 - Information Visualisation (4019538FNR)
Data Presentation - Lecture 5 - Information Visualisation (4019538FNR)Data Presentation - Lecture 5 - Information Visualisation (4019538FNR)
Data Presentation - Lecture 5 - Information Visualisation (4019538FNR)
 
Analysis and Validation - Lecture 4 - Information Visualisation (4019538FNR)
Analysis and Validation - Lecture 4 - Information Visualisation (4019538FNR)Analysis and Validation - Lecture 4 - Information Visualisation (4019538FNR)
Analysis and Validation - Lecture 4 - Information Visualisation (4019538FNR)
 
Data Representation - Lecture 3 - Information Visualisation (4019538FNR)
Data Representation - Lecture 3 - Information Visualisation (4019538FNR)Data Representation - Lecture 3 - Information Visualisation (4019538FNR)
Data Representation - Lecture 3 - Information Visualisation (4019538FNR)
 
Human Perception and Colour Theory - Lecture 2 - Information Visualisation (4...
Human Perception and Colour Theory - Lecture 2 - Information Visualisation (4...Human Perception and Colour Theory - Lecture 2 - Information Visualisation (4...
Human Perception and Colour Theory - Lecture 2 - Information Visualisation (4...
 
Introduction - Lecture 1 - Information Visualisation (4019538FNR)
Introduction - Lecture 1 - Information Visualisation (4019538FNR)Introduction - Lecture 1 - Information Visualisation (4019538FNR)
Introduction - Lecture 1 - Information Visualisation (4019538FNR)
 
Towards a Framework for Dynamic Data Physicalisation
Towards a Framework for Dynamic Data PhysicalisationTowards a Framework for Dynamic Data Physicalisation
Towards a Framework for Dynamic Data Physicalisation
 

Último

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdf
SanaAli374401
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 

Último (20)

microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdf
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 

Web Architectures - Web Technologies (1019888BNR)

  • 1. 2 December 2005 Web Technologies Web Architectures Prof. Beat Signer Department of Computer Science Vrije Universiteit Brussel http://www.beatsigner.com
  • 2. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 2October 6, 2017 Basic Client-Server Web Architecture  Effect of typing http://www.vub.ac.be in the broswer bar (1) use a Domain Name Service (DNS) to get the IP address for www.vub.ac.be (answer 134.184.129.2) (2) create a TCP connection to 134.184.129.2 (3) send an HTTP request message over the TCP connection (4) visualise the received HTTP response message in the browser Internet Client Server HTTP Request HTTP Response
  • 3. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 3October 6, 2017 Web Server  Tasks of a web server (1) setup connection (2) receive and process HTTP request (3) fetch resource (4) create and send HTTP response (5) logging  The most prominent web servers are the Apache HTTP Server and Microsoft's Internet Information Services (IIS)  A lot of devices have an embedded web server  printers, WLAN routers, TVs, ... Worldwide Web Servers, http://news.netcraft.com
  • 4. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 4October 6, 2017 Example HTTP Request Message GET / HTTP/1.1 Host: www.vub.ac.be User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-gb,en;q=0.5 Accept-Encoding: gzip, deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Connection: keep-alive
  • 5. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 5October 6, 2017 Example HTTP Response Message HTTP/1.1 200 OK Date: Thu, 03 Oct 2013 17:02:19 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.15 Content-Language: nl Set-Cookie: lang=nl; path=/; domain=.vub.ac.be; expires=Mon, 18-Sep-2073 17:02:16 GMT Content-Type: text/html; charset=utf-8 Keep-Alive: timeout=15, max=987 Connection: Keep-Alive Transfer-Encoding: chunked <!DOCTYPE html> <html lang="nl" dir="ltr"> <head> ... <title>Vrije Universiteit Brussel | Redelijk eigenzinnig</title> <meta name="Description" content="Welkom aan de VUB" /> ... </html>
  • 6. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 6October 6, 2017 HTTP Protocol  Request/response communication model  HTTP Request  HTTP Response  Communication always has to be initiated by the client  Stateless protocol (no sessions)  HTTP can be used on top of various reliable protocols  TCP is by far the most commonly used one  runs on TCP port 80 by default  Latest version: HTTP/2.0 (May 2015)  HTTPS scheme used for encrypted connections
  • 7. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 7October 6, 2017 Uniform Resource Identifier (URI)  A Uniform Resource Identifier (URI) uniquely identifies a resource  There are two types of URIs  Uniform Resource Locator (URL) - contains information about the exact location of a resource - consists of a scheme, a host and the path (resource name) - e.g. https://vub.academia.edu/BeatSigner - problem: the URL changes if resource is moved! • idea of Persistent Uniform Resource Locators (PURLs) [https://purl.oclc.org]  Uniform Resource Name (URN) - unique and location independent name for a resource - consists of a scheme name, a namespace identifier and a namespace-specific string (separated by colons) - e.g. urn:ISBN:3837027139
  • 8. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 8October 6, 2017 HTTP Message Format  Request and response messages have the same format <html> ... </html> HTTP/1.1 200 OK Date: Thu, 03 Oct 2013 17:02:19 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.15 Transfer-Encoding: chunked Content-Type: text/html header field(s) blank line (CRLF) message body (optional) start line HTTP_message = start_line , {header} , "CRLF" , {body};
  • 9. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 9October 6, 2017 HTTP Request Message  Request-specific start line  Methods  GET : get a resource from the server  HEAD : get the header only (no body)  POST : send data (in the body) to the server  PUT : store request body on server  TRACE : get the "final" request (after it has potentially been modified by proxies)  OPTIONS : get a list of methods supported by the server  DELETE: delete a resource on the server start_line = method, " " , resource , " " , version; method = "GET" , "HEAD" , "POST" , "PUT" , "TRACE" , "OPTIONS" , "DELETE"; resource = complete_URL | path; version = "HTTP/" , major_version, "." , minor_version;
  • 10. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 10October 6, 2017 HTTP Response Message  Response-specific start line  Status codes  100-199 : informational  200-299 : success (e.g. 200 for 'OK')  300-399 : redirection  400-499 : client error (e.g. 404 for 'Not Found')  500-599 : server error (e.g. 503 for 'Service Unavailable') start_line = version , status_code , reason; version = "HTTP/" , major_version, "." , minor_version; status_code = digit , digit , digit; reason = string_phrase;
  • 11. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 11October 6, 2017 HTTP Header Fields  There exist general headers (for requests and responses), request headers, response headers, entity headers and extension headers  Some important headers  Accept - request header definining the Media Type that the client will accept • formerly known as Multipurpose Internet Mail Extensions (MIME type)  User-Agent - request header specifying the type of client  Keep-Alive (HTTP/1.0) and Persistent (HTTP/1.1) - general header helping to improve the performance since otherwise a new HTTP connection has to be established for every single webpage element  Content-Type - entity header specifing the body's MIME type
  • 12. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 12October 6, 2017 HTTP Header Fields ...  Some important headers ...  If-Modified-Since - request header that is used in combination with a GET request (conditional GET); the resource is only returned if it has been modified since the specified date
  • 13. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 13October 6, 2017 Media Types  The Media Type defines the request or response body's content (used for appropiate processing)  7 top-level media types  Standard Media Types are registered with the Internet Assigned Numbers Authority (IANA) [RFC-6838] mediaType = toplevel_type , "/" , subtype; Media Type Description text/plain Human-readable text without formatting information text/html HTML document image/jpeg JPEG-encoded image ... ...
  • 14. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 14October 6, 2017 HTTP Message Information  Various tools for HTTP message logging  e.g. HttpFox add-on for Firefox browser  Simple telnet connection  Until 1999 the W3C has been working on HTTP Next Generation (HTTP-NG) as a replacement for HTTP/1.1  never introduced  recently HTTP/2.0 has been released - inspired by Goggle’s development of SPDY telnet wise.vub.ac.be 80 (press Enter) GET /beat-signer HTTP/1.1 (press Enter) Host: wise.vub.ac.be (press Enter 2 times)
  • 15. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 15October 6, 2017 Proxies  A web proxy is situated between the client and the server  acts as a server to the client and as a client to the server  can for example be specified in the browser settings; used for - firewalls and content filters - transcoding (on the fly transformation of HTTP message body) - content router (e.g. select optimal server in content distribution networks) - anonymous browsing, ... Internet Client Server Proxy
  • 16. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 16October 6, 2017 Caches  A proxy cache is a special type of proxy server  can reduce server load if multiple clients share the same cache  often multi-level hierarchies of caches (e.g. continent, country and regional level) with communication between sibling and parent caches as defined by the Internet Cache Protocol (ICP)  passive or active (prefetching) caches Internet Client 1 ServerProxy Cache Client 2 1 2 12
  • 17. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 17October 6, 2017 Caches ...  Special HTTP cache control header fields  Expires - expiration date after which the cached resource has to be refetched  Cache-Control: max-age - maximum age of a document (in seconds) after it has been added to the cache  Cache-Control: no-cache - response cannot be directly served from the cache (has to be revalidated first)  ...  Validators  Last-modified time as validator - cache with resource that has been last modified at time t uses an If-Modified-Since t request for updates  Entity tags (ETag) - changed by the publisher if content has changed; If-None-Match etag request
  • 18. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 18October 6, 2017 Caches ...  Advantages  reduces latency and used network bandwidth  reduces server load (client and reverse proxy caches)  transparent to client and server  Disadvantages  additional resources (hardware) required  might get stale data out of the cache  creates additional network traffic if we use an active caching approach (prefetching) but achieve a low cache hit rate  server loses control (e.g. access statistics) since no longer all requests have to be sent to the server
  • 19. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 19October 6, 2017 Tunnels  Implement one protocol on top of another protocol  e.g. HTTP as a carrier for SSL connections  Often used to "open" a firewall to protocols that would otherwise be blocked  e.g. tunneling of SSL connections through an open HTTP port Internet SSL Client SSL Server SSL HTTP SSL HTTP[SSL] HTTP[SSL]
  • 20. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 20October 6, 2017 Gateways  A gateway can act as a kind of "glue" between applications (client) and resources (server)  translate between two protocols (e.g. from HTTP to FTP)  security accelerator (e.g. HTTPS/HTTP on the server side)  often the gateway and destination server are combined in a single application server (HTTP to server application translator) Internet HTTP Client FTP Server HTTP/FTP Gateway HTTP FTP
  • 21. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 21October 6, 2017 Session Management  HTTP is a stateless protocol  Session (state) tracking solutions  use of IP address - problem: IP address is often not uniquely assigned to a single user  browser login - use of special HTTP authenticate headers - after a login the browser sends the user information in each request  URL rewriting - add information to the URL in each request  hidden form fields - similar to URL rewriting but information can also be in body (POST request)  cookies - the server stores a piece of information on the client which is then sent back to the server with each request
  • 22. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 22October 6, 2017 Cookies  Introduced by Netscape in June 1994  A cookie is a piece of information that is assigned to a client on their first visit  list of <key,value> pairs  often just a unique identifier  sent via Set-Cookie or Set-Cookie2 HTTP response headers  Browser stores the information in a "cookie database" and sends it back every time the same server is accessed  Potential privacy issues  third-party websites might use persistent cookies for user tracking  Cookies can be disabled in the browser settings
  • 23. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 23October 6, 2017 Hypertext Markup Language (HTML)  Dominant markup language for webpages  If you never heard about HTML have a look at  http://www.w3schools.com/html/  More details in the exercise and in the next lecture <!DOCTYPE html> <html lang="en"> <head> <title>Beat Signer: Interactive Paper, PaperWorks, Paper++, ...</title> </head> <body> Beat Signer is Associate Professor of Computer Science at the VUB and co-director of the WISE laboratory ... </body> </html>
  • 24. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 24October 6, 2017 Dynamic Web Content  Often it is not enough to serve static web pages but content should be changed on the client or server side  Server-side processing  Common Gateway Interface (CGI)  Java Servlets  JavaServer Pages (JSP)  PHP: Hypertext Preprocessor (PHP)  ...  Client-side processing  JavaScript  Java Applets  Adobe Flash  ...
  • 25. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 25October 6, 2017 Common Gateway Interface (CGI)  CGI was the first server-side processing solution  transparent to the user  certain requests (e.g. /account.pl) are forwarded via CGI to a program by creating a new process  program processes the request and creates an answer with optional HTTP response headers Internet Client Server HTTP Request HTTP Response Program in Perl, Tcl, C, C++, Java, .. HTML Pages CGI
  • 26. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 26October 6, 2017 Common Gateway Interface (CGI) ...  CGI Problems  a new process has to be started for each request  if the CGI program for example acts as a gateway to a database, a new DB connection has to be established for each request which results in a very poor performance  FastCGI solves some of the problems by introducing persistent processes and process pools  CGI/FastCGI becomes more and more replaced by other technologies (e.g. Java Servlets)
  • 27. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 27October 6, 2017 Java Servlets  A Java servlet is a Java class that has to extend the abstract HTTPServlet class  The Java servlet class is loaded by a servlet container and relevant requests (based on a servlet binding) are forwarded to the servlet instance for further processing Internet Client Server HTTP Request HTTP Response HTML Pages Servlet Container Servlets
  • 28. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 28October 6, 2017 Java Servlets ...  Main HttpServlet methods  Servlet life cycle  a servlet is initialised once via the init() method  the doGet(), doPost() methods may be executed multiple times (by different HTTP requests)  finally the servlet container may unload a servlet (upcall of the destroy() method before that happens)  Servlet container (e.g. Apache Tomcat) either integrated with web server or as standalone component doGet(HttpServletRequest req, HttpServletResponse resp) doPost(HttpServletRequest req, HttpServletResponse resp) init(ServletConfig config) destroy()
  • 29. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 29October 6, 2017 Java Servlet Example  In the exercise you will learn how to process parameters etc. package org.vub.wise; import java.io.*; import java.util.Date; import javax.servlet.http.*; import javax.servlet.*; public class HelloWorldServlet extends HttpServlet { public void doGet (HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { PrintWriter out = res.getWriter(); out.println("<html>"); out.println("<head><title>Hello World</title></head>"); out.println("<body>The time is " + new Date().toString() + "</body>"); out.println("</html>"); out.close(); } }
  • 30. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 30October 6, 2017 JavaServer Pages (JSP)  A "drawback" of Java servlets is that the whole page (e.g. HTML) has to be defined within the servlet  not easy to share tasks between web designer and programmer  Add program code through scriptlets and markup to existing HTML pages  These JSP documents are then either interpreted on the fly (Apache Tomcat) or compiled into Java servlets  The JSP approach is similar to PHP or Active Server Pages (ASP)  Note that Java Servlets become more and more an enabling technology (as with JSP)
  • 31. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 31October 6, 2017 JavaScript  Interpreted scripting language for client-side processing  JavaScript functionality often embedded in HTML documents but can also be provided in separate files  JavaScript often used to  validate data (e.g. in a form)  dynamically add content to a webpage  process events (onLoad, onFocus, etc.)  change parts of the original HTML document  create cookies  ...  Note: Java and JavaScript are completely different languages!
  • 32. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 32October 6, 2017 JavaScript Example  More details about JavaScript in lecture 6 and in the exercise session <html> <body> <script type="text/javascript"> document.write("<h1>Hello World!</h1>"); </script> </body> </html>
  • 33. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 33October 6, 2017 Java Applets  A Java applet is a program delivered to the client side in the form of Java bytecode  executed in the browser using a Java Virtual Machine (JVM)  an applet has to extend the Applet or JApplet class  runs in the sandbox  Advantages  the user automatically always has the most recent version  high security for untrusted applets  full Java API available  Disadvantages  requires a browser Java plug-in
  • 34. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 34October 6, 2017 Java Applets ...  Disadvantages ...  only signed applets can get more advanced functionality - e.g. network connections to other machines than the source machine  More recently Java Web Start (JavaWS) is replacing Java Applets  program no longer runs within the browser - less problematic security restrictions - less browser compatibility issues  Math and Physics Applet Examples  http://www.falstad.com/mathphysics.html
  • 35. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 35October 6, 2017 Exercise 2  Hands-on experience with the HTTP protocol
  • 36. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 36October 6, 2017 References  David Gourley et al., HTTP: The Definitive Guide, O'Reilly Media, September 2002  R. Fielding et al., RFC2616 - Hypertext Transfer Protocol - HTTP/1.1  http://www.faqs.org/rfcs/rfc2616.html  N. Freed et al., RFC6838 - Media Type Specifications and Registration Procedures  http://www.faqs.org/rfcs/rfc6838.html  HTML and JavaScript Tutorials  http://www.w3schools.com
  • 37. Beat Signer - Department of Computer Science - bsigner@vub.ac.be 37October 6, 2017 References ...  M. Knutson, HTTP: The Hypertext Transfer Protocol (refcardz #172)  http://refcardz.dzone.com/refcardz/http-hypertext-transfer-0  W. Jason Gilmore, PHP 5.4 (refcardz #23)  http://refcardz.dzone.com/refcardz/php-54-scalable  Java Servlet Tutorial  http://www.tutorialspoint.com/servlets/
  • 38. 2 December 2005 Next Lecture HTML5 and the Open Web Platform