490 likes | 594 Views
Web Technologies. Kevin McManus. WWW Architecture. Platform: Windows, Mac, Unix, etc. Browser: IE, Mozilla, Opera, etc. Client. Request: http://www.gre.ac.uk/about/. Network. HTTP over TCP/IP. Response: <html>…</html>. Server. Platform: Windows, Mac, Unix, etc.
E N D
Web Technologies Kevin McManus
WWW Architecture Platform: Windows, Mac, Unix, etc. Browser: IE, Mozilla, Opera, etc. Client Request: http://www.gre.ac.uk/about/ Network HTTP over TCP/IP Response: <html>…</html> Server Platform: Windows, Mac, Unix, etc. Web Server: Apache, IIS, Xitami, etc. the University of Greenwich
WWW Architecture • Client-Server Request-Response architecture • You request a web page • e.g. http://www.gre.ac.uk/about/index.html • HTTP request • The web server responds with data • HTTP response • usually in the form of a web page (HTML document) • could be any file format • web page is written using HyperText Markup Language (HTML) • Web pages are identified by a Uniform Resource Locator (URL) • protocol: e.g. http:// • web server: e.g. www.gre.ac.uk • [machine name].[domain name] • web page: e.g. /about/index.html the University of Greenwich
Internet Standards • Internet Engineering Task Force (IETF) http://www.ietf.org/ • founded 1986 • a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet • open to any interested individual or organisation • establishes standards through working groups, mailing lists and Request For Comments (RFC) documents http://www.ietf.org/rfc.html the University of Greenwich
Web Standards • World Wide Web Consortium (W3C) http://www.w3.org • founded 1994 by Tim Berners-Lee • currently hosted by MIT, ERCIM and Keio University • open to corporate membership • develops interoperable technologies to lead the Web to its full potential • produces specifications, standards, technical reports, guidelines, software, and tools • a forum for information, commerce, communication, and collective understanding • home of the Web Accessibility Initiative (WAI) • access for all the University of Greenwich
Internet / Web • The Internet (capital I) is a globally interconnected network of computers • employs a wide variety of communication technologies • wires, fibres, satellites and so on • supports a number of protocols • The Web (capital W) is globally interconnected network of information • hypertext documents • using the Internet to connect information the University of Greenwich
Clients & ServersSimilarities • Client and server computers both usually have: • hardware • Central Processing Unit (CPU) • e.g. Intel Pentium, AMD Athlon, IBM PPC, Sun Sparc • memory • I/O • Visual Display Unit (VDU), storage (fixed, removable), network • bus to connect it all together • software • multi-tasking operating system • Unix, Linux, NT, XP • file system • applications the University of Greenwich
Clients & ServersDifferences • Clients • generally support a single user • optimized for responsiveness to user • have a user interface, graphics • have client applications • e.g. web browsers • Servers • supports multiple users • optimized for throughput • more: CPUs (SMP), memory, disks (SANs), I/O • provide services • e.g. web, file, print, database, e-mail, telnet, directory • provides a high quality of service • RAID, UPS, redundant power supplies, hot swap devices the University of Greenwich
Web Browser • Client-side application • also known as a User Agent • Requests resources from web servers • knows how to parse and render HTML • may know how to handle images • may know how to handle client-side scripts • may use plug-ins to handle other media formats • Popular browsers • have a graphical interface • Mosaic - developed at NCSA circa 1992 • Modern browsers include: Internet Explorer, Mozilla, Netscape, Opera • compatibility is an issue • Uncommon browsers • text only – Lynx • assistive technologies – Jaws, IBM Home Page Reader the University of Greenwich
Web Server • A program running on a server • Service HTTP requests from web clients • accepts the request • returns the requested resource (if it can) • HTTP response • usually an HTML web page • Originally developed as the HTTP daemon (HTTPd) at NCSA • circa 1995 following work by Tim Berners-Lee at CERN • Configurable • deny or grant requests • provide virtual hosts • Logs requests and responses • Popular servers • Apache (70%), Microsoft Internet Information Server (IIS), Sun One the University of Greenwich
Proxy Servers & Firewalls • Proxy Server • a server that sits between a client and the Internet • improves performance by caching frequently accessed resources • essential to achieve scalability of the Web • can filter requests to prevent access to certain web sites • used to implement censorship • can alter the client's request or the server's response • useful but open to abuse • Firewall • a piece of hardware and/or software that prevents communications forbidden by a security policy • controls network traffic between different zones of trust • prevents unauthorized access to a network from the Internet the University of Greenwich
Networks • Network = an interconnected collection of independent computers • Why have networks? • resource sharing, information sharing, reliability, communication • Networked computers can offer so much more than isolated machines • Web technologies add: • global information sharing: search engines, wikis • applications that do not require a client-side installation • new business models: e-commerce • new education models: e-learning • new ways of organising society: e-government, social networks • entertainment: radio and television streaming and podcasts the University of Greenwich
Networks • Network scope • internet: a collection of connected networks • Internet: a specific world-wide network based on IP, used to connect companies, universities, governments, organizations and individuals. • grew from ARPANET, funded by the US DoD. • intranet: a network based on Internet technologies that is internal to a company or organization • extranet: a network based on Internet technologies that connects one company or organization to another the University of Greenwich
Network Protocol Stack Application layer HTTP HTTP Transport layer TCP TCP Internet layer IP IP Physical layer Ethernet Ethernet the University of Greenwich
NetworksPhysical Layer • Defines the physical specifications for devices • electrical, optical, electromagnetic, dimensional • Establishes connections to a medium of communication • copper wire, fibre-optic, wireless • Ethernet is now the most common implementation • (actually the data link layer in the OSI model) • many variations on ethernet • the local router maps IP addresses to Media Access Control (MAC) addresses • 48bit address of an ethernet controller • must be unique on a subnet • usually permanently set at point of manufacture the University of Greenwich
NetworksInternet Layer • Internet Protocol (IP) • Responsible for communicating packets from source to destination • across multiple network hops • Not guaranteed to be reliable • IP address: 32 bit value usually written in dotted decimal notation as four 8-bit numbers (0 to 255) e.g. 130.51.12.4 • globally unique • for computers connected to the Internet • limited number of addresses – only 4 billion! • Network Address Translation (NAT) used to increase capacity • IPv6 provides increased number of addresses • 128 bit addresses the University of Greenwich
NetworksTransport Layer • Provides an efficient, reliable and cost-effective service • Uses the sockets programming model • Port numbers are used to identify the application • well-known ports identify standard services e.g. HTTP uses port 80, SMTP uses port 25 • can use other port numbers – if they are free e.g. http://fred.foo.net:8080/bar/myfile.html • Transmission Control Protocol (TCP) • connection-oriented byte stream • guaranteed reliability • User Datagram Protocol (UDP) • connectionless • no guarantee but lower overheads the University of Greenwich
NetworksApplication Layer • Telnet - remote terminal • File Transfer Protocol (FTP) • Network News Transfer Protocol (NNTP) • Simple Network Management Protocol (SNMP) • Simple Mail Transfer Protocol (SMTP) • Post Office Protocol (POP) • Interactive Mail Access Protocol (IMAP) • Secure Shell (SSH) – secure terminal • Hypertext Transfer Protocol (HTTP) – the principal protocol of the World Wide Web the University of Greenwich
Hypertext Transfer ProtocolHTTP • a.k.a. Hypertext Transport Protocol • HTTP is a simple stateless request-response protocol • A web client (user agent) requests a resource identified by a uniform resource locator (URL) • The web server identified in the URL responds with the file identified in the URL • the file may contain static data • HTML pages, GIFs, JPEGs, Microsoft Word documents, Adobe PDF documents, etc., etc. • the file may be a program that runs on the server to output data • ASP, PHP, Perl, JSP, etc., etc. • HTTP/1.0 highly successful • HTTP/1.1 introduced to address flaws in 1.0 and improve network performance • pipelining requests and responses the University of Greenwich
HTTP Methods • GET, POST, HEAD, PUT, DELETE, TRACE, OPTIONS, CONNECT • GET and POST are both used to... • request a resource from a server • send data with the request • as name value pairs • GET appends name value pairs to the URL • data is visible in the browser • considered safe • recommended for idempotent operations • default behaviour of clients and proxies is to cache responses • URL can be usefully bookmarked • encapsulates state • POST sends name value pairs after the HTTP header • considered to be unsafe • responses not cached • can carry larger payload • Differences between GET and POST are subtle and significant • we will look closely at this later the University of Greenwich
HTTP Request Method File name HTTP version GET /~k.mcmanus/index.html HTTP/1.1 Host: staffweb.cms.gre.ac.uk Connection: close Accept: text/xml,text/html,text/plain,image/png,*/* Accept-Language: en-gb,en User-Agent: Mozilla/4.0 (compatible;MSIE 6.0;Windows NT 5.0) Accept-Charset: ISO-8859-1,utf-8;q=0.7,* If-Modified-Since: Mon, 18 Sep 2006 22:57:19 GMT Referer: http://web-sniffer.net Headers Blank line Data – none for GET the University of Greenwich
HTTP Response HTTP version Status code Reason phrase Headers HTTP/1.0 200 OK Date: Thu, 21 Sep 2006 22:06:05 GMT Server: Apache/1.3.33 (Unix) PHP/4.3.10 Connection: close Content-Type: text/html ETag: "5d150-141c-450f244f" Last-Modified: Mon, 18 Sep 2006 22:57:19 GMT Content-Length: 5184 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict <html xmlns="http://www.w3.org/1999/xhtml"> ... </html> Data the University of Greenwich
HTTP Server Status Codes the University of Greenwich
HTTP • HTTP is a stateless protocol • Each HTTP request is independent of previous and subsequent requests • HTTP/1.0 defaults to Connection: close • closes the channel of communication immediately after a response • Connection: keep-alive was introduced to enable persistent connections • no need to re-negotiate a connection for each request • a connection can be re-used for multiple requests • HTTP/1.1 defaults to keep-alive for efficiency • supports pipelining to allow multiple requests to be sent in one TCP packet • The stateless nature of HTTP has a big impact on how web applications are designed • we will look very closely at this the University of Greenwich
Advantages of a Stateless HTTP • Each HTTP request is independent of all previous requests • simplifies server design • reduces demand on server resources • no storage is required to track clients • although most servers will log traffic • As soon as a request has been serviced the connection is dropped • server does not maintain idle connections • as in stateful protocols such as FTP or telnet • allows each server thread to be continually busy servicing requests • allows a server to scale to many clients • client requests not denied because all server threads are busy the University of Greenwich
Advantages of a Stateless HTTP • Each HTTP request is independent • simplifies assembly of pages from multiple resources • images, media, stylesheets, etc. • resources may come from several servers • load can be distributed across servers • HTTP GET responses are assumed to be stateless and may be cached by clients and proxies (and servers) • improves the speed of response to the user • reduces network and server loads allowing the Web to scale • Applications are resilient to network failure • a network glitch will not cause loss of state • especially significant for mobile applications the University of Greenwich
State Preservation • State preservation mechanisms come in three basic variations: • cookies • store a small amount of information on the client • sent to the server at each HTTP request • session variables • a unique identifier is used to associate information stored on the server with a particular client • passing data at each request-response cycle • store information in the web page • appending data to a URL • hidden fields in HTML forms the University of Greenwich
HTTPS • A secure version of HTTP • syntactically identical to HTTP • Allows client and server to exchange data with confidence that the data was neither modified nor intercepted during transmission • essential when communicating sensitive information over the Web • Implements HTTP over Secure Sockets Layer (SSL) • SSL is also known as Transport Layer Security protocol (TLS) • uses public key encryption to encode data during transmission the University of Greenwich
HTTP Authentication • HTTP basic authentication is supported by most clients • this does not alter the fact that HTTP is stateless • The username and password (with a colon delimiter) are Base64 encoded into the HTTP request header Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== • This string is decoded by the server and compared with credentials previously stored on the server • the login popup is generated by the browser • the browser remembers the credentials and sends them with every subsequent request • This is not a secure mechanism • the Base64 encoding is simply used for character encoding • anyone can decode this • the mechanism assumes that the network is secure • so OK if using HTTPS the University of Greenwich
URIs, URLs and URNs • Uniform Resource Identifier (URI = URL or URN) • generic term for all resource names and addresses • Uniform Resource Locator (URL) • a set of URI schemes that have explicit instructions on how to access a resource over the Internet • globally unique • Uniform Resource Name (URN) • a URI that has an institutional commitment to availability and persistence • http://www.w3.org/Addressing • http://www.w3.org/Addressing/URL/5_BNF.html • http://w3.foo.net:8080/bar/index.php?fruit=plum&user=joe • [protocol]://[host]:[port]/[file path]?[arg]=[val]&[arg]=[val] the University of Greenwich
Domain Name System DNS • Human-friendly domain names, gre.ac.uk • Globally unique identification of computers (hosts) bukowski.gre.ac.uk • Hierarchical name space with limited root names • organisational: .com .net .gov .edu .org .mil • national: .uk .jp .de .fr .tv etc. • Internet Corporation For Assigned Names and Numbers (ICANN) assumes responsibility for global coordination of the namespace • ICANN assigns control of each namespace to a registration authority • e.g. VeriSign for .com, Nominet for .uk • the Joint Academic Network (JANET) acts as authority for .ac.uk • JANET devolves authority for .gre.ac.uk to the University of Greenwich the University of Greenwich
Domain Name System DNS • DNS servers map domain names to IP addresses • usually using the Berkeley Internet Name Daemon (BIND) • actually mapping fully qualified machine names to IP addresses • Web client contacts it’s local DNS server to translate the domain part of a URL into an IP address • If the local DNS server cannot resolve the address then the request is passed to DNS at the next level of controlling authority • resolved addresses are cached by the local DNS server • and by the browser • The browser can then send an HTTP request to the IP address http://staffweb.cms.gre.ac.uk/~mk05/page1.html Is the same as… http://193.60.76.168/~mk05/page1.html the University of Greenwich
Multipurpose Internet Mail Extensions MIME • Originally designed for email, also used for HTTP • Tells the browser how to interpret the incoming data • Defines types of data/documents • ASCII - text/plain, text/html, text/xml • image formats - image/gif, image/jpeg • audio formats - audio/x-aiff, audio/mpeg3 • binary data - application/octet-stream • Applied by the web server according to the filename extension e.g. a file called daisy.png will be sent with a mime type image/png the University of Greenwich
Hypertext • Conventional text has a single linear narrative path • time line : beginning – middle - end • Hypertext • multiple paths • may be read in any order • possibly an inappropriate order • not new a new concept • an indexed or referenced document • encyclopaedia, academic text • Computers are very good at traversing indexes • first computer hypertext system developed by IBM in 1968 • required a mainframe computer • first popular system Apple HyperCard in 1987 the University of Greenwich
HyperText Markup Language HTML • Originally defined by Tim Berners-Lee circa 1992 • further developed by the IETF • simplified version of the Standard Generalized Markup Language (SGML) • an international standard (ISO) HTML4.01 1999 • later specifications are maintained by the W3C • Tag based markup • tags define the structure of a page • metadata describing how to render the page • headings, paragraphs, lists, etc. • tags can have attributes • provide extra clues about page rendering e.g. colour, font, size, decoration • anchor tags link to other (parts of) pages • hypertext the University of Greenwich
HTML <HTML> <HEAD> <TITLE>page1.html</TITLE> </HEAD> <BODY BGCOLOR="#FFFFDD"> <H1>Simple Example HTML page</H1> <P> This <I>paragraph</I> contains an anchor tag<BR> <A HREF="page2.html">click here for the next page</A> </P> </BODY> </HTML> the University of Greenwich
Cascading Style Sheets CSS • Rules to control HTML web page rendering in the web browser • provides greater styling control than HTML • Author styles • external style sheets • one style sheet can be used with many web pages • one web page can use many style sheets • improves consistency of style across the pages of a web site • easier updating and maintenance of the web site • embedded styles • rules embedded in the head of an HTML page • inline styles • rules as attributes in individual HTML tags • User styles and user agent styles • applied by the user to cater for their individual needs • Style rules cascade • inherited from parent tag to child tag • from external to embedded to inline the University of Greenwich
Client Side Scripting • Executable script embedded into HTML pages • Parsed and executed by the web client • Usually JavaScript • native support in most web clients • Script may be included as: • an external file • embedded in the page head • inline with the page content • Can access and operate on page contents • using the Document Object Model (DOM) • Can respond to events in the browser • e.g. onClick, onMouseOver, onKeyPress • Used to enhance the user experience • e.g. image rollovers, form data validation the University of Greenwich
Extensible Markup LanguageXML • Simplified subset of SGML • A meta-language - extensible • a language for defining other languages e.g. XHTML, MathML, SVG, RSS, RDF • Represents hierarchical data • tree structure • human and machine readable format • Useful for data exchange and transformation • Facilitates separation of content from presentation • Enabling technology for web services and the semantic web the University of Greenwich
Extensible HyperText Markup Language XHTML • XHTML is an XML conforming HTML • XHTML 1.0 first published in 2000 • three variants – transitional, frameset, strict • XHTML 1.1 became a W3C recommendation in 2001 • strict and modular • Many HTML tags and attributes are deprecated • all styling is deprecated from strict XHTML • Strict syntax forces separation of content from presentation • XHTML tags describe only the page structure • greatly simplifies page markup • CSS is used to provide presentation • cleaner code improves legibility, maintenance and accessibility • recommended by WAI the University of Greenwich
Multipart HTML documents • It is usual for HTML documents to be composed from several component parts such as • CSS • JavaScript • images • media - audio, video, Shockwave (Flash movies) • applets – small Java applications • Each component part has to be downloaded from a web server • multiple HTTP requests are required to download a single web page • HTTP 1.1 can pipeline these requests • components are not necessarily from the same web server the University of Greenwich
Server Side Scripting • Application program running on the web server • output is returned to the web browser • usually HTML • Can access resources on the server • files, databases • Common Gateway Interface (CGI) • standard way to allow programs to run on the web server • often Perl scripts • may be written in any language the server supports • output from the program (STDOUT) is routed through the web server back to the client • Web server scripting environments • executable script embedded into HTML pages e.g. Active Server Pages (ASP), PHP Hypertext Preprocessor (PHP), Java Server Pages (JSP), Server Side Includes (SSI) the University of Greenwich
LSEP • The following do not exist in isolation • Legal • the law applicable to Web applications • Social • the impact of Web applications on society • Ethical • a code of ethics in Web development • Professional • all of the above plus professional practice in software engineering Web applications the University of Greenwich
HTML HTML Generation 1Static HTML Generation 2Web Applications Web ServicesEvolution of the Web HTML, XML XML XML Generation 3Web Services the University of Greenwich
Evolution of the Web • The Web was originally conceived to serve static HTML pages over HTTP • In a short period of time many technologies were introduced and developed to provide dynamic, interactive web pages and stateful web applications • In an even shorter period of time the Web has dramatically changed many of the ways in which we work, relax and function as individuals and as a society • Web technologies continue to advance to support service oriented architectures and the semantic web • From this soup of technologies Web2.0 has evolved the University of Greenwich
Evolution of the Web HTML, XML XML user generated content asynchronous partial page updates service oriented architectures Generation 4Web 2.0 the University of Greenwich
Questions the University of Greenwich
Further reading • The World Wide Web Consortium http://www.w3.org/ http://www.w3.org/WAI/ http://www.w3.org/Addressing/ • Wikipedia http://www.wikipedia.org/ • Mozilla http://www.mozilla.org • Apache http://www.apache.org • Web Resources collected by Kevin McManus http://staffweb.cms.gre.ac.uk/~k.mcmanus/web the University of Greenwich
Questions • What is the sequence of events in a web browser such as Mozilla when you follow a link to the following URL? http://staffweb.cms.gre.ac.uk/~k.mcmanus • What are the advantages of using a simple stateless protocol to implement the Web? • Why was HTTP1.1 developed? • What MIME type will a web server respond with for a filename extension of .php? • What are stateful web applications? the University of Greenwich