chap 1 web essentials
TRANSCRIPT
-
8/13/2019 Chap 1 Web Essentials
1/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Chapter 1
Web Essentials: Clients, Servers,
and Communication
WEB TECHNOLOGIES
A COMPUTER SCIENCE PERSPECTIVE
JEFFREY C. JACKSON
-
8/13/2019 Chap 1 Web Essentials
2/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
INTRODUCTION
Server
The software that distributes the information and themachine where the information and software reside
is called the server.
provides requested service to client
e.g., Web server sends requested Web page
-
8/13/2019 Chap 1 Web Essentials
3/100
-
8/13/2019 Chap 1 Web Essentials
4/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Web server:
Software that delivers Web pages and other documents to
browsers using the HTTP protocol
Web Page:
A web page is a document or
resource of information that is
suitable for the World Wide
Web and can be accessed
through a web browser.
-
8/13/2019 Chap 1 Web Essentials
5/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Website:
A collection of pages on the World Wide
Web that are accessible from the same
URL and typically residing on the same
server
-
8/13/2019 Chap 1 Web Essentials
6/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
1.1The Internet
Technical origin:ARPANET(late 1960s) Launched in 1969
Project of U.S Dept of Defense(DoD)
One of earliest efforts to networkheterogeneous(Different manufactures &
Different OS), geographically dispersed
computers
Email first available on ARPANET in 1972(and quickly very popular!)
ARPANET access was limitedto select
DoD-funded organizations
-
8/13/2019 Chap 1 Web Essentials
7/100Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
The Advanced Research Projects Agency
Network (ARPANET) was one of the world's
first operational packet switching networks, the
first network to implement TCP/IP.
The network was initially funded by the
Advanced Research Projects Agency (ARPA,later DARPA) within the U.S. Department of
Defense for use by its projects at universities
and research laboratories in the US.
-
8/13/2019 Chap 1 Web Essentials
8/100Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
The Internet
Open-access networks
Regionaluniversity networks (e.g., SURAnet)
CSNETfor CS departments with no
ARPANET access. Later ARPA Internet allowed to access
outside networks such as CSNET.
The Connection Between CSNET to ARPA ismade by Phonenet(MODEM) approach.
This connection is asynchronous.
This involves long distance calls
-
8/13/2019 Chap 1 Web Essentials
9/100Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Open-access networks
A full-service network provider offering Internet
solutions for business small and large, residential
users and non-profit groups.Regional Universities Network(RUN)
Is a network of six universities primarily from
regional Australia, as well as campuses in theAustralian capital cities and some international
campuses
Southeastern Universities Research Association
network (SURAnet) provided networking servicesfor universities and industries. SURAnetwas one
of the first and one of the largest Internet
providers in the United States.
-
8/13/2019 Chap 1 Web Essentials
10/100Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
The Computer Science Network(CSNET)
was a computer network that began
operation in 1981 in the United States. Its
purpose was to extend networking benefits,
for computer science departments at
academic and research institutions thatcould not be directly connected
to ARPANET, due to funding or
authorization limitations. CSNET was funded by the National
Science Foundation for an initial three-year
period from 1981 to 1984.
-
8/13/2019 Chap 1 Web Essentials
11/100Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
NSFNET(National Science Foundation)
(1985-1995)
Primary purpose: connect supercomputer
centers
Secondary purpose: provide backboneto
connect regional networks
Uses TCP/IP Synchronous
Communication.
-
8/13/2019 Chap 1 Web Essentials
12/100Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Synchronous communication is said to occur
when two parties communicate in real-time.
Examples of synchronous communicationinclude telephone calls and two-way radio
communication.
In contrast, asynchronous communication is
non real-time communication.
Examples might be email, blog and messageboard postings, and especially text
messaging.
-
8/13/2019 Chap 1 Web Essentials
13/100
-
8/13/2019 Chap 1 Web Essentials
14/100Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Geographic distribution of the six supercomputers
centers connected by NSFNET backbone
Operated at only 56kbits/sec
No of machines connected increased
Upgraded to 1.5Mbit/s in 1988
45Mbits/s in 1991
-
8/13/2019 Chap 1 Web Essentials
15/100Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
The Internet Internet: the network of networks
connected via the public backbone andcommunicating using TCP/IP
communication protocol
Global Communication Network Commercial Internet dial-up access offered Economic
Increase network usage
Reduced unit cost
Backbone initially supplied by NSFNET,
privately funded (ISP fees) beginning in 1995
Private telecommunication firms
-
8/13/2019 Chap 1 Web Essentials
16/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
1.2 Basic Internet Protocols
1.2.1 TCP/IP
1.2.2 UDP, DNS, and Domain Names
1.2.3 Higher Level Protocols
TCP/IPSingle Protocol
TCP/IP actually two different protocols.TCP-transport Layer IP-Network layer
Treated as one some bulk of services are built on the top of both the
TCP and IP protocols
-> e-mail, Web browsing, File downloads, accessing remote databases
IPis the fundamental protocol defining the Internet (as the name
implies!)
ftp://ftp.rfc-editor.org/in-notes/std/std5.txtftp://ftp.rfc-editor.org/in-notes/std/std5.txt -
8/13/2019 Chap 1 Web Essentials
17/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
-
8/13/2019 Chap 1 Web Essentials
18/100
-
8/13/2019 Chap 1 Web Essentials
19/100
-
8/13/2019 Chap 1 Web Essentials
20/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
How does the computer choose the next computer in the
route for a packet?
A separate protocol BGP-4 is used to pass network connectivity
information between gateways so that each computer can choose
a good next hop for each packet it receives.
IP software adds error detection information ( a checksum)
to each packet Limitations of IP:
No guarantee of packet delivery (packets can bedropped)
Unreliable
Communication is one-way (source to destination)
-
8/13/2019 Chap 1 Web Essentials
21/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
CheckSum Calculation Checksum Calculation
Sender side :
1. It treats segment contents as sequence of 16-bit integers.
2. All segments are added. Let's call it sum.
3. Checksum : 1's complement of sum.(In 1's complement all 0s are
converted into 1s and all 1s are converted into 0s). 4. Sender puts this checksum value in UDP checksum field.
Receiver side :
1. Calculate checksum
2. All segments are added and than sum is added with sender's checksum.
3. Check that any 0 bit is presented in checksum. If receiver side checksum
contains any 0 than, error is detected. So,the packet is discarded by
receiver.
-
8/13/2019 Chap 1 Web Essentials
22/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
SENDER
1011101110111011
0000111100001111 DATA
1100101011001010 ( sum of all DATA)
0011010100110101 (1s Complement )
Header Checksum- 0011010100110101
Receiver:
1011101110111011
0000111100001111 DATA
1100101011001010 ( sum of all DATA)
0011010100110101 (Checksum)
1111111111111111 (If any bit 0 error Occurred)
-
8/13/2019 Chap 1 Web Essentials
23/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
IP
Source
Gateway
Gateway
Network 1
Network 2
Destination
Network 3
-
8/13/2019 Chap 1 Web Essentials
24/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
IP
Source
Gateway
Gateway
LAN 1
Internet Backbone
Destination
LAN 2
-
8/13/2019 Chap 1 Web Essentials
25/100
-
8/13/2019 Chap 1 Web Essentials
26/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
-
8/13/2019 Chap 1 Web Essentials
27/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
TCP
Source Destination
Can I talk to you?
OK. Can I talk to you?
OK.
Heres a packet.
Got it.
Heres a packet.
Heres a resent packet.
Got it.
Establish
connection. {
{
{
Send packet
with
acknowledgment.
Resend packet if
no (or delayed)
acknowledgment.
-
8/13/2019 Chap 1 Web Essentials
28/100
-
8/13/2019 Chap 1 Web Essentials
29/100
-
8/13/2019 Chap 1 Web Essentials
30/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
TCP
-
8/13/2019 Chap 1 Web Essentials
31/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
1.2.2User Datagram Protocol (UDP)
Like TCP in that:
Builds on IP
Provides port concept
Unlike TCP in that:
No connection concept
No transmission guarantee
No two way connection
Advantage of UDP vs. TCP: Lightweight, so faster for one-time messages
less complexity in order to reduce overhead
D i N S i (DNS)
ftp://ftp.rfc-editor.org/in-notes/std/std6.txtftp://ftp.rfc-editor.org/in-notes/std/std6.txtftp://ftp.rfc-editor.org/in-notes/std/std13.txtftp://ftp.rfc-editor.org/in-notes/std/std13.txt -
8/13/2019 Chap 1 Web Essentials
32/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Domain Name Service (DNS)
Easier to refer machines by names
DNS is the phone book for the Internet
Map back and forth between host names and IP addresses
DNS often uses UDP for communication
When a computer on the Internet needs DNS Service to convert
host names to IP uses UDP software to send UDP messages to
one of the DNS Servers
Host names
Labelsseparated by dots, e.g., www.example.org
Final label is top-level domain
Generic: .com, .org, .edu, .biz, etc.
Country-code: .us, .il(Israel), .mx, .de(germany) etc.
Top level domain names assigned by ICANN (Internet corporation
for assigned names and numbers)funded by U.S goverernment
ftp://ftp.rfc-editor.org/in-notes/std/std13.txthttp://www.example.org/http://www.icann.org/tlds/http://www.icann.org/tlds/http://www.icann.org/tlds/http://www.icann.org/tlds/http://www.example.org/ftp://ftp.rfc-editor.org/in-notes/std/std13.txt -
8/13/2019 Chap 1 Web Essentials
33/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Top level domains divided into sub domains
Domains are divided into second-level
domains, which can be further divided into subdomains, etc.
E.g., in www.example.com, example is a second-
level domain Assignment of second level domain by registry
operator
A host name plus domain name information iscalled the fully qualified domain name of thecomputer
Above, www is the host name, www.example.com
is the FQDN
http://www.example.com/http://www.example.com/http://www.example.com/http://www.example.com/http://www.example.com/http://www.example.com/http://www.example.com/http://www.example.com/http://www.example.com/http://www.example.com/http://www.example.com/http://www.example.com/ -
8/13/2019 Chap 1 Web Essentials
34/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Service names and port numbers are used to distinguish
between different services that run over transport protocols
such as TCP, UDP
When a service (serverprogram) initially is started, it is said tobind to its designated port number. As any client program
wants to use that server, it also must request to bind to the
designated port number.
Port numbers are from 0 to 65535. Ports 0 to 1024 are
reserved for use by certain privileged services. For the
HTTP service, port 80 is defined as a default and it does not
have to be specified in the Uniform Resource Locator (URL).
A registry operator (also called a Network Information
Center (NIC)) is an entity that maintains the database ofdomain namesfor a given top-level domainand generates the
zone fileswhich convert domain namesto IP addresses.
http://whatis.techtarget.com/definition/0,289893,sid9_gci212964,00.htmlhttp://whatis.techtarget.com/definition/0,289893,sid9_gci211662,00.htmlhttp://whatis.techtarget.com/definition/0,289893,sid9_gci211795,00.htmlhttp://whatis.techtarget.com/definition/0,289893,sid9_gci213251,00.htmlhttp://itlaw.wikia.com/wiki/Databasehttp://itlaw.wikia.com/wiki/Domain_namehttp://itlaw.wikia.com/wiki/Top-level_domainhttp://itlaw.wikia.com/wiki/Zone_filehttp://itlaw.wikia.com/wiki/Domain_namehttp://itlaw.wikia.com/wiki/IP_addresshttp://itlaw.wikia.com/wiki/IP_addresshttp://itlaw.wikia.com/wiki/IP_addresshttp://itlaw.wikia.com/wiki/IP_addresshttp://itlaw.wikia.com/wiki/Domain_namehttp://itlaw.wikia.com/wiki/Domain_namehttp://itlaw.wikia.com/wiki/Domain_namehttp://itlaw.wikia.com/wiki/Zone_filehttp://itlaw.wikia.com/wiki/Zone_filehttp://itlaw.wikia.com/wiki/Zone_filehttp://itlaw.wikia.com/wiki/Top-level_domainhttp://itlaw.wikia.com/wiki/Top-level_domainhttp://itlaw.wikia.com/wiki/Top-level_domainhttp://itlaw.wikia.com/wiki/Top-level_domainhttp://itlaw.wikia.com/wiki/Top-level_domainhttp://itlaw.wikia.com/wiki/Domain_namehttp://itlaw.wikia.com/wiki/Domain_namehttp://itlaw.wikia.com/wiki/Domain_namehttp://itlaw.wikia.com/wiki/Databasehttp://whatis.techtarget.com/definition/0,289893,sid9_gci213251,00.htmlhttp://whatis.techtarget.com/definition/0,289893,sid9_gci211795,00.htmlhttp://whatis.techtarget.com/definition/0,289893,sid9_gci211662,00.htmlhttp://whatis.techtarget.com/definition/0,289893,sid9_gci212964,00.html -
8/13/2019 Chap 1 Web Essentials
35/100
-
8/13/2019 Chap 1 Web Essentials
36/100
-
8/13/2019 Chap 1 Web Essentials
37/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
1.2.3 Higher-level Protocols
IP ~ the telephone network
TCP ~ calling someone who answers,having a conversation, and hanging up
UDP ~ calling someone and leaving a
message
DNS ~ directory assistance (names with
numbers)
Many protocols build on TCP
-
8/13/2019 Chap 1 Web Essentials
38/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Many protocols build on TCP
Telephone analogy: TCP specifies how we initiate and
terminate the phone call, but some other protocol
specifies how we carry on the actual conversation Some examples:
SMTP(email)
FTP(file transfer)HTTP(transfer of Web documents)
Primary TCP-based protocol used for
communication between web servers and browsers
called HTTP
IP is key component in the definition of Internet
HTTP -WWW
-
8/13/2019 Chap 1 Web Essentials
39/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
1.3 World Wide Web
Public Sharing of InformationInternet
Usenet newsgroup service1979
worldwide distributed Internetdiscussion system
Posting Information that could be read by users on othersystem
First Internet Chat software
Internet Relay Chat Various technologies were developed for supporting
information management and search on the internet.
Gopher-hierarchical view of documents
WAIS-(Wide area information system)-Used indexingARCHIESearch online info archives via FTP
http://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Internet -
8/13/2019 Chap 1 Web Essentials
40/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Unique feature of Web: support for hypertext (textcontaining links)
Communication via Hypertext Transport Protocol(HTTP)
Document representation using Hypertext MarkupLanguage(HTML)
The Web is the collection of machines (Webservers) on the Internet that provide information,
particularly HTML documents, via HTTP.
Machines that access information on the Webare known as Web clients.
A Web browseris software used by an end user
to access the Web.
-
8/13/2019 Chap 1 Web Essentials
41/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
1.3.1 Hypertext Transport Protocol (HTTP)
HTTPis based on the request-response
communication model:
Client sends a request
Server sends a response
HTTP is a statelessprotocol:
The protocol does not require the server to
remember anything about the client betweenrequests.
ftp://ftp.rfc-editor.org/in-notes/rfc2616.txtftp://ftp.rfc-editor.org/in-notes/rfc2616.txt -
8/13/2019 Chap 1 Web Essentials
42/100
-
8/13/2019 Chap 1 Web Essentials
43/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Browsing the web
Normally implemented over a TCP connection (80 is
standard port number for HTTP) Typical browser-server interaction:
User enters Web address in browser
Browser uses DNS to locate IP address
Browser opens TCP connection to server
Browser sends HTTP request over connection
Server sends HTTP response to browser over
connectionBrowser displays body of response in the client area
of the browser window
-
8/13/2019 Chap 1 Web Essentials
44/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
HTTP request Message
The information transmitted using HTTP is often
entirely text (readable form)
Start line followed by a message header and optional
message body
Start line
Example: GET / HTTP/1.1
-
8/13/2019 Chap 1 Web Essentials
45/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
HTTP request Message
The information transmitted using HTTP is
often entirely text (readable form)
Connect to a web server using telnet
$ telnet www.example.org 80
Trying 192.0.34.166
Connected to www.example.com (192.0.34.166).
Escape character is ^].
GET / HTTP/1.1
Host: www.example.org
HTTP/1.1 200 OK
Date: Thu, 09 Oct 2003 20:30:49 GMT
{Send
Request
{Receive
Response
Connect {
-
8/13/2019 Chap 1 Web Essentials
46/100
1 4 2 HTTP i
-
8/13/2019 Chap 1 Web Essentials
47/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
1.4.2 HTTP version
1997 HTTP 1.1 was formally defined
The version string for HTTP/1.1 must appear inthe start line exactly as shown with all capital
letters and no embedded white space
1.4.3 Request-URI Second part of start line
Concatenation of the string http://
Value of the host header field www.example.org
Request-URI forms a string known as URI An URI is an identifier that is intended to be
associated with a particular resource on the
WWW.
http://www.example.org/http://www.example.org/ -
8/13/2019 Chap 1 Web Essentials
48/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Every URI has two parts
Scheme appears before the colon :
Another part depends on the scheme web addresses ( most partuse http scheme)
URI is case sensitive generally written in lowercase
URI representing the location of a resource on the web
called the URL.
Another type URNdesigned to be a unique name for a
resource.
Syntax:scheme:scheme-depend-part Ex: In http://www.example.com/the scheme is http
URI f
http://www.example.com/http://www.example.com/ -
8/13/2019 Chap 1 Web Essentials
49/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
URIs are of two types:
Uniform Resource Name (URN)
Can be used to identify resources with uniquenames, such as books (which have unique
ISBNs)
Scheme is urn
Ex:
Three colon separated parts
scheme name
Namespace identifier
Namespace specific string
ftp://ftp.rfc-editor.org/in-notes/rfc2396.txt -
8/13/2019 Chap 1 Web Essentials
50/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Uniform Resource Locator (URL)
Specifies location at which a resource can be
found In addition to http, some other URL schemes
are https, ftp, mailto, and file
1.4.4 HTTP request method
ftp://ftp.rfc-editor.org/in-notes/rfc2396.txtftp://ftp.rfc-editor.org/in-notes/rfc2396.txt -
8/13/2019 Chap 1 Web Essentials
51/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
q The method part of the start line of an HTTP request written in
uppercase letters
GET is the most common HTTP method; it says "give me
this resource". Other methods include POST and HEAD.
Method names are always uppercase
POSTused to send information collected from a form displayed
within a browser
The path is the part of the URL after the host name, also called
the request URI
The HTTP version always takes the form "HTTP/x.x",
uppercase.
M th d D i ti
-
8/13/2019 Chap 1 Web Essentials
52/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Method Description
OPTIONS Return a list of HTTP methods used to access
the resource
GET Retrieves the requested URI, including the
headers and body (that is, the content).
HEAD Retrieves only the headers for the requested URI
and not the body.POST Sends information to the server from HTML
forms.
PUT Uploads the file indicated in the URI to a server.
DELETE Deletes the URI from a server.
TRACE Return a copy of the complete HTTP request
message for test purposes.
-
8/13/2019 Chap 1 Web Essentials
53/100
-
8/13/2019 Chap 1 Web Essentials
54/100
H d fi ld f t
-
8/13/2019 Chap 1 Web Essentials
55/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Header field features:
First header names not case sensitive
Header field value wrap onto several linesHeader field values using MIME types
Many header field values use quality values to
indicate preferences
Quality value specified by a string of the form
q=num
Num is a decimal number between 0 and 1
-
8/13/2019 Chap 1 Web Essentials
56/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Multipurpose Internet Mail Extensions (MIME)
Standard used to pass variety of information includes
graphics and applications through e-mails as well as
through Internet message protocols.
Has two parts
Content type of the message case insensitivestring
Subtype or private type indicated by x- or X-
MIME content type syntax:top-level type/subtype
Examples: text/html, image/jpeg
Q
-
8/13/2019 Chap 1 Web Essentials
57/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
HTTP Quality Values and Wildcards
Example header field with quality values:accept:
text/xml,text/html;q=0.9,text/plain;q=0.8, image/jpeg,
image/gif;q=0.2,*/*;q=0.1 Quality value applies to all preceding items
Higher the value, higher the preference
Note use of wildcards to specify quality 0.1 for anyMIME type not specified earlier
-
8/13/2019 Chap 1 Web Essentials
58/100
1.5 HTTP Response Message
-
8/13/2019 Chap 1 Web Essentials
59/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Structure of the response:
status line
header field(s) (one or more)
blank line
optional message body
1.5.1 Response Status LineExample: HTTP/1.1 200 OK
Three space-separated parts:
HTTP version used by server software status code (numeric)
reason phrase (intended for human use)
Status code
-
8/13/2019 Chap 1 Web Essentials
60/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Three-digit number
First digit is class of the status code:
1=Informationalprovide information to client. 2=Success
3=Redirection (alternate URL is supplied)
4=Client Error Request not valid
5=Server Error Error occurred during server processing
Other two digits provide additional information
200 OK
301 Moved Permanently
307 Temporary redirect
401 Unauthorized
403 Forbidden
404 Not Found
500 Internal Server Error
1 5 2 Response header fields
-
8/13/2019 Chap 1 Web Essentials
61/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
1.5.2 Response header fields
Common header fields:
Connection, Content-Type, Content-Length
Date: date and time at which response was generated(required).supplied by server.
Server-Information identifying the server software
Location: alternate URI if status is redirectionLast-Modified: date and time the requested resource
was last modified on the server
Expires: date and time after which the clientscopy of
the resource will be out-of-dateETag: a unique identifier for this version of therequested resource (changes if resource changes)
A hash code of resource returned.
1.5.3Cache ControlA h i l l f i f ti bt i d f
-
8/13/2019 Chap 1 Web Essentials
62/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
A cacheis a local copy of information obtained from someother source
A copy of information placed in cache to improve system
performanceEx: icon appearing multiple times in a Web page
Advantages
Most web browsers use cache to store requested resources
so that subsequent requests to the same resource will notnecessarily require an HTTP request/response
HTTP caching when successful leads to quicker displayby the browser
Reduced network communication Reduce load on the web Server
Drawbacks
Information in a cache become invalid
V lid i h d
-
8/13/2019 Chap 1 Web Essentials
63/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Validating cached resource:
Send HTTP HEAD request and check Last-
Modified or ETag header in response
Compare current date/time with Expires header
sent in response containing resourceComparing the Etag returned by head request with
Etag stored with the cached resource
If Etag values match, then the cached copy is valid
1.5.4 Character Sets
-
8/13/2019 Chap 1 Web Essentials
64/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Characters represented in web documents
Every document is represented by a string of integer values (code
points)
The mapping from code points to characters is defined by a
character set
Ex: US-ASCII (7- bit Integer) char set used to represent the
characters used in HTTP header field names
In java the char set used internally by browser is defined by
UNICODE.
Character Encoding is a bit string that must be decoded into a code-point
integer that is then mapped to a character according to the definition
provided by some character set.
An encoding represents code points using variable-length
-
8/13/2019 Chap 1 Web Essentials
65/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
An encoding represents code points using variable length
byte strings
Most common examples are Unicode-based encodings
UTF-8 and UTF-16 IANA maintains complete list of Internet-recognized
character sets/encodings
Some header fields have character set values:
Accept-Charset: request header listing character setsthat the client can recognize
Ex: accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Content-Type: can include character set used torepresent the body of the HTTP message
Ex: Content-Type: text/html; charset=UTF-8
Typical US PC produces ASCII documents
http://www.iana.org/assignments/character-setshttp://www.iana.org/assignments/character-setshttp://www.iana.org/assignments/character-setshttp://www.iana.org/assignments/character-setshttp://www.iana.org/assignments/character-sets -
8/13/2019 Chap 1 Web Essentials
66/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Typical US PC produces ASCII documents
US-ASCII character set can be used for such documents,
but is not recommended
UTF-8 and ISO-8859-1 are supersets of US-ASCII and
provide international compatibility
UTF-8 can represent all ASCII characters using a
single byte each and arbitrary Unicode characters using
up to 4 bytes each
ISO-8859-1 is 1-byte code that has many characters
common in Western European languages, such as
1.6 Web Clients
-
8/13/2019 Chap 1 Web Essentials
67/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Is a software that access a web server by sending HTTP
request message and processing the resulting HTTP response
Most common form of web client software
Web browsers running on desktop or laptop
Many possible web clients:Text-only browser(lynx)
Mobile phones
Robots (software-only clients, e.g., search engine
crawlers)not designed to be used directly by humans at
all.
etc.
User agent
-
8/13/2019 Chap 1 Web Essentials
68/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
User agent
Any web client that is designed to directly support
user access to web servers.
Early browsers text-based ran on specialized
platforms
First graphical browser running on general-purpose
platforms: Mosaic (1993) by NCSA (National Centrefor supercomputer applications)
Then came Netscape Navigator
Microsoft Internet Explorer Browser war between Netscape Navigator and
Microsoft Internet Explorer
Microsoft was victorious
N t i d b A i li
-
8/13/2019 Chap 1 Web Essentials
69/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Netscape was acquired by America online
Launched Mozilla Firefox
All the major modern browsers support a common set ofbasic user features
Provide similar support for HTTP communication
1.6.1 Basic Browser Function
-
8/13/2019 Chap 1 Web Essentials
70/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Window split into several rectangular regions known as
Bars
5 Standard region in Mozilla 1.4Primary regionClient area display document
Title bartitle assigned by document author to the
document currently displayed within the client area
Menu bardropdown menus and GUI
N i ti t lb h b tt t l (B k F d
-
8/13/2019 Chap 1 Web Essentials
71/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Navigation toolbarpush-button controls(Back, Forward
Stop Print and Reload)
Contains a text box known as Location barUser can
enter the url in order to request the browser to display the
document located at the specified URL.
Status bardisplays messages and icons related to the status
of the browser Browser make HTTP request on behalf of the user
Browser Primary tasks:
Reformat the URL entered as a valid HTTP request
message
If server specified by host name, use DNS
Establish TCP connection using IP of the specified address
-
8/13/2019 Chap 1 Web Essentials
72/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Some Mozilla Status Messages
-
8/13/2019 Chap 1 Web Essentials
73/100
Browser uses authority to connect via TCP
-
8/13/2019 Chap 1 Web Essentials
74/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Browser uses authority to connect via TCP
Request-URI included in start line (/ used for path if none
supplied)
Fragment identifier not sent to server (used to scroll
browser client area)
1.6.3 User Controllable Features
Graphical Browsers features: Save : Most documents can be saved by the user to the
client machines file system.
File|Save Page As
Find in Page:Standard documents (text and HTML) can
be searched with a function similar to word processors
Edit | Find in This Page
-
8/13/2019 Chap 1 Web Essentials
75/100
Style definitionView|Text Zoom View|Use Style
D t t I f ti Vi | S R HTML
-
8/13/2019 Chap 1 Web Essentials
76/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Document meta-InformationView|page SourceRaw HTML
View|Page Infometa information
ThemesLook of one or more browser bars(Skin)
View | Apply Theme|Get New Themes
History Automatically maintain a list of all pages visited within the last
several days Go|History
BookmarksSave the URL for that page for an indefinite length of time
1.6.4 Additional Functionality Automatic URL Completion
Script Execution [ Browsers run programs to perform variety of tasks ,
validation]
Event Handling [Clicking on a link or button occurrence of event, Button
Clicks and mouse movement]
Management of form GUI: Web page contains a form with fill-in fields
browser allow user to perform std text-editing functions, button image,Text
Cursor]
Secure Communication: User send sensitive
-
8/13/2019 Chap 1 Web Essentials
77/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Secure Communication: User send sensitive
information to server and the browser encode this
information and prevent it from any other machines,
Credit Card Number]
Plug-in Execution: Support Plug-in Protocol.Display
of non-HTML documents (e.g., PDF) viaplug-ins
Help|About Plug-ins1.7 WEB SERVERS
Tomcat 5.0
1.7.1 Server FeaturesAccept HTTP request from web clients and return
an appropriate resource in the HTTP response
Basic functionality:
-
8/13/2019 Chap 1 Web Essentials
78/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Server calls on TCP software and waits for connection req toone or more ports
When a connection request is received , the server dedicates asubtask(Single copy of server software handling a singleclient connection)
Subtask establish connection and receives request
Subtask examines the host header field to determine the host
and invokes software for this host Virtual host software Map Request-URI to specific resource
on the server.
It maps Request-URI to specific resource associated
with the virtual host File: Return file in HTTP response (MIME Type)
Program: Run program and return output in HTTP
response
Log information about the request and response such as IPdd d h d i l i fil
-
8/13/2019 Chap 1 Web Essentials
79/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
address and the status code in a plain-text file.
If the TCP connection is kept alive , the server subtask continuesto monitor the connection, the client send another request or
initiates a connection close.
Few Definitions
All modern servers concurrently process multiple requests
Multiple copies of the server running
simultaneously(Concurrency)
SubtaskSingle copy of server software handling a single client
connection
Virtual HostHTTP request include a host header field
Multiple host names mapped by a DNS to a single IP address
Web server determine which virtual host is being requested by
examining the host header field.
1.7.2 Server History NCSA httpd web server
-
8/13/2019 Chap 1 Web Essentials
80/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
NCSA httpdweb server
NCSA discontinued development of server in 1990
Several individuals began developing their own updates called
patches
Patchy server known as Apache ServerFree openserver
source in April 1995
Microsoft began developmentIIS (Internet Information
Server)
IIS include all features found in apache
Drawbacks
IIS Run only on Windows System Run programs written in VB script
Apacheruns on Windows , Linux, and Macintosh
Run programs written in Perl and PHP
A number of IIS and Apache server run java programs
-
8/13/2019 Chap 1 Web Essentials
81/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
When running a java program , both servers are configured to
run the program by using a separate software called Servlet
Container Servlet Container provides JVM that runs java
programs(known as Servlet)
It provides communication between the servlet and the Apache
or IIS Server Tomcat is a popular free open-source servlet container by
Apache software foundation
Tomcat can also run as a standalone web server that
communicates directly with web clients Tomcat 5.0 Web Server
1.7.3 Server Configuration and Tuning
-
8/13/2019 Chap 1 Web Essentials
82/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Modern servers have large number of Configuration
parameters
Server Configuration broken into two areas: External Communication
Internal Processing
In Tomcat two separate Java Packages:
Coyote
Catalina
CoyoteProvides HTTP 1.1 communication
CatalinaActual Servlet Container
Coyote parameters affecting External Communication:IP addresses and TCP ports
Number of subtasks created when server initialized
Max number of threads allowed to exist simultaneously
-
8/13/2019 Chap 1 Web Essentials
83/100
Internal Catalina parameters affect functionality:
-
8/13/2019 Chap 1 Web Essentials
84/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Which client machines may send HTTP request to the server
Which virtual host are listening for TCP connection
What logging will be performed How the requestURI mapped to servers resources
Password protection of resources
Use of server-side caching
Install Tomcat 5.0 at the default port 8080
Open browser browse to the URL
http://localhost:8080
Click the Server Administration link cause a log-
in page to be displayed.
http://localhost:8080/http://localhost:8080/http://localhost:8080/http://localhost:8080/http://localhost:8080/http://localhost:8080/ -
8/13/2019 Chap 1 Web Essentials
85/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Tomcat included in JWSDP
JWSDP Service entry in the list on left side
Click on the icon to reveal the associated server
components
Service has Five Components:
Connector, Host, Logger, Realm, and Valve
-
8/13/2019 Chap 1 Web Essentials
86/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Connector is a coyote component handles HTTP
communication
Clicking on the connector will produce the window
containing the dropdown menus of possible action
that can be performed for this component
-
8/13/2019 Chap 1 Web Essentials
87/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Connector AttributesWhen you create or modify any type of Connector, the attributes
-
8/13/2019 Chap 1 Web Essentials
88/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
shown in flowing table may be set, as needed.
Common Connector AttributesAttribute Description
Accept
CountLength of TCP Connection wait queue
Connection
Timeout
The number of milliseconds this Connector will
wait, after accepting a connection. The default
value is 60000 (i.e. 60 seconds).
IP AddressSpecifies which address will be used for listeningon the specified port, for servers with more than
one IP address.
-
8/13/2019 Chap 1 Web Essentials
89/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Port
Number
Port Number on which this connection will listen
for TCP connection request
Minimum
The number of request processing threads that
will be created when this Connector is first
started. The default value is 5.
Maximum
The maximum number of request processing
threads to be created by this Connector, which
therefore determines the maximum number of
simultaneous requests that can be handled. If not
specified, this attribute is set to 75.
1.7.4 Defining Virtual Hosts
C fi i H El
-
8/13/2019 Chap 1 Web Essentials
90/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Configuring Host Elements
The Host element represents a virtual host, which is an association
of a network name for a server (such as www.mycompany.com)with the particular server on which Tomcat is running.
Host Attributes
The attributes shown in following table may be viewed, set, or
modified for a Host.
Host Attributes
-
8/13/2019 Chap 1 Web Essentials
91/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
os bu es
Attribute Description
Name FQDN that clients will use to access the virtual host
Applicati
on Base
Directory Containing Web Applications
The Application Base directory for this virtual host.
This is the path name of a directory that may contain
Web applications to be deployed on this virtual host.You may specify an absolute path name for this
directory, or a path name that is relative to the
directory under which Tomcat is installed.
Deployon
startup
Boolean value indicating whether or not webapplications should be automatically initialized when
the server starts
A i i
-
8/13/2019 Chap 1 Web Essentials
92/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Web Applications
Collection of files and programs that work
together to provide particular functions to web
users
Absolute path nameTraces the path from the
/(root) directory. Absolute path names always
begin with the slash (/) symbol.
Relative path nameTraces the path from the
current directory through its parent or itssubdirectories and files.
1.7.5 Logging
Web server logs record information about server activity
-
8/13/2019 Chap 1 Web Essentials
93/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Web server logs record information about server activity
Access log is a file that records information about every HTTP
request processed by the server
Message logsvariety of debugging and other information
generated by web server
Access logging is performed by adding a valve component
The Primary fields are given in the table:Logger Attributes
Attribute Description
Directory Where log file will be written
Pattern Information to be written to log
PrefixThe prefix added to the start of each log
file's name.
SuffixThe suffix added to the end of each log file's
name
-
8/13/2019 Chap 1 Web Essentials
94/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
name.
TimestampWhether or not all logged messages are to be
date and time stamped. Set to True and false
Resolve HostsWhether IP address or host name to be written
in log file
Tomcat writes the log information in a log file which in a plaintext format. In general, the log entry has the following format:
%h %l %t %r%s %b
%h - Remote host name
%l - Remote logical user name
%t - Date and time, in Common Log Format
%r - First line of the request URI
%s - HTTP status code of the response
%b - Bytes sent in body of response, excluding HTTP headers,
Access log in common format:
-
8/13/2019 Chap 1 Web Essentials
95/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
g
1.7.6 Access Control
-
8/13/2019 Chap 1 Web Essentials
96/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
Provide automatic password protection for resources
Access control:
Password protection (e.g., admin pages)
Users and roles defined in
conf/tomcat-users.xml
Deny access to machines Useful for denying access to certain users by
denying access from the machines they use
List of denied machines maintained in
RemoteHostValve (deny by host name) orRemoteAddressValve (deny by IP address)
-
8/13/2019 Chap 1 Web Essentials
97/100
Secure Servers
-
8/13/2019 Chap 1 Web Essentials
98/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
98
Secure Servers
BrowserWeb
Server
Id like to talk securely to you (over port 443)
Heres my certificate and encryption data
Heres an encrypted HTTP request
Heres an encrypted HTTP response
Heres an encrypted HTTP request
Heres an encrypted HTTP response
TLS/
SSL
TLS/
SSL
HTTP
Requests
HTTP
Responses
HTTP
Requests
HTTP
Responses
Secure Servers
-
8/13/2019 Chap 1 Web Essentials
99/100
Jackson, Web Technologies: A Computer Science Perspective, 2007 Prentice-Hall, Inc. All rights reserved. 0-13-185603-0
99
Man-in-the-Middle Attack
Browser
Fake
DNS
Server
Whats IP
address forwww.example.org?
100.1.1.1
Fake
www.example.org
100.1.1.1
Realwww.example.org
My credit card number is
Secure Servers
-
8/13/2019 Chap 1 Web Essentials
100/100
Preventing Man-in-the-Middle
Browser
Fake
DNS
Server
Whats IP
address forwww.example.org?
100.1.1.1
Fake
www.example.org
100.1.1.1
Realwww.example.org
Send me a certificate of identity