1 / 19

Unit 20 - Client Side Customisation of Web Pages

Unit 20 - Client Side Customisation of Web Pages. Week 4 – Lesson 9 Fundamentals of Scripting. Fundamentals of Scripting Languages. Introduction Characteristics Uses Scripting language constructs. Assignment 2 - Scripting Languages. What a scripting language is How it works

derek-hood
Download Presentation

Unit 20 - Client Side Customisation of Web Pages

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Unit 20 - Client Side Customisation of Web Pages Week 4 – Lesson 9 Fundamentals of Scripting

  2. Fundamentals of Scripting Languages • Introduction • Characteristics • Uses • Scripting language constructs

  3. Assignment 2 - Scripting Languages • What a scripting language is • How it works • What types are available • The main features • How does a scripting language improve functionality • Explain in detail how a browser implements a scripting language

  4. Results • 22 submissions, 4 missed • 7 passes • 5 merits • 3 distinctions • 15 referrals

  5. P2 Definitions (10) • 10 topics to describe • Some missing altogether • Some incomplete –do you proof-read? • “…is shown in the image below.”

  6. P2 Definitions (10) • Should be original • From a relevant source • quotedeg. “scripting languages are designed for gluing: they assume the existence of a set of powerful components and are intended primarily for connecting components together.” John K. Ousterhout http://www.tcl.tk/doc/scripting.html IEEE Computer magazine, March 1998 • topics • Event-driven & object-orientated

  7. P2 Definitions (10) • Should describe the feature – use an example where possible • ‘more needed’ this is often why

  8. Security • Major issue is placing code to run on client’s machine • Cross-site scripting attacks XSS • Vulnerability present in about 70% pf web applications (sources, Veracode, Acunetix) http://www.veracode.com/security/xss http://www.acunetix.com/websitesecurity/cross-site-scripting/

  9. Security • http://www.acunetix.com/websitesecurity/cross-site-scripting/

  10. XSS • Reflective XSS • Malicious Javascript in e-mail, victim clicks link, Javascript sent to vulnerable website, reflected back and run on victim machine. http://www.veracode.com/security/xss

  11. Persistent attack • Attacker includes malicious script as part of user-name, other users view profile, code executes on other users machine http://www.veracode.com/security/xss

  12. Constructs • Need correct construction: • Syntax i.e. Grammar and order correct of words • Dot operator allows an object to use a method • Variable data stored as text or numbers • Must have unique name within script • Loops or iterations code which is executed repeatedly.

  13. Objects • A type of data which: • Knows things about itself (properties) • Knows how to do things (methods) • Many objects already exist • Can create new ones

  14. An example of ‘object’ code... • The ‘String’ object: • <script> • Hw=“Hello World” • document.write(Hw.length) • </script>

  15. Methods • Each object knows which methods it can carry out, eg (string object): • <script> • Hw=“Hello world” • document.write(Hw.toUpperCase()) • </Script> • Copy this code and observe the screen output.

  16. Loops • for - loops through a block of code a specified number of times • while - loops through a block of code while a specified condition is true • do...while - also loops through a block of code while a specified condition is true • for...in - loops through the properties of an object

  17. Event handling • An event that triggers a piece of code • Some examples and further explanation are here: • http://www.w3.org/TR/html4/interact/scripts.html#h-18.2.3

  18. M2 • Client vs server is not needed • Compare examples of object-orientated and event-driven • Explain how Javascript improves functionality: • Drop-down menus • Mouse-followers • Image galleries • Validation • Browser detection • Create cookies • Read/write/modify HTML elements • hiding or showing elements • moving elements • changing colors or fonts

  19. D1 • Understanding client-side scripting • Sheryl Canter, April 2004 • http://www.pcmag.com/article2/0,2817,1554984,00.asp

More Related