Public

    1143665336

    Master this deck with 77 terms through effective study methods.

    Imported from Quizlet

    Created by @gband

    Web browser

    Serves as client-side, Integrates: HTML, CSS, Client-side Programs

    HTML

    used for creating web pages, Elements consists of tags enclosed in angle brackets,

    CSS (Cascading Style Sheets)

    Specifies how document written in mark up language should be presented/styled.

    What do HTML and CSS primarily create?

    Static web pages

    Why do web pages need to be dynamic?

    To be more useful and interactive for users.

    What does "dynamic content" mean in web development?

    Content that can change based on user actions, input, or new data.

    ActiveX

    Software framework created by Microsoft to create dynamic content

    ActiveX Usage

    Predominately used by Internet Explorer

    ActiveX Issues

    Had security issues and lack of cross-platform support

    Java Applets

    Not supported by iOS and Android

    JavaScript

    Most popular choices of programming languages for web pages to create dynamic content

    What does JavaScript allow?

    -Interaction with the user -Control the browser -Communicate Asynchronously with the server

    What is the primary function of a web server?

    To deliver content to clients (browsers).

    What types of content do web servers deliver?

    Web pages, images, style sheets, and scripts.

    What was the nature of web content in the earlier web era?

    Content was static.

    What was the main job of web servers in the earlier web era?

    Hosting static web pages and sending them to browsers.

    What components do web servers now consist of?

    Core & Extensions

    Core

    The core part handles requests from the clients.

    Static Content Request

    If a request asks for static content, the core will process it and send it back.

    Dynamic Content Request

    If a request is for dynamic content, the core will invoke the corresponding extension.

    Extensions

    Processes dynamic content request.

    HTML Page Generation

    After the dynamic content is generated, an HTML page will be sent to core and core will forward it to the client.

    HTTP Server

    The core is typically called as HTTP Server.

    Web Application

    Extension is the web application.

    What provides the core functionality of a web server?

    HTTP server software.

    Name three examples of HTTP server software.

    Apache, (IIS), and Nginx.

    What is one major capability of the Apache web server?

    It can host multiple websites on a single server.

    How are virtual hosts configured in Apache?

    Using a configuration file.

    CGI

    The Common Gateway Interface

    CGI programs

    Can be written in any programming language including C, Perl, Java, Visual Basic etc.

    FastCGI

    A variation of the CGI, faster

    What is a GET request intended for?

    Requesting data from a specified resource

    What should GET requests be used to do?

    Retrieve data

    How do many applications misuse GET requests?

    They use GET to perform actions that should be done with POST

    What is a POST request intended for?

    Submitting data

    GET Requests

    Put data in the URL, making it visible when shared.

    Browser History

    Browsers record URLs visited by the user, including data from GET requests.

    POST Requests

    Data are not recorded in the browser history.

    Sensitive Data Transmission

    It's important not to use GET method when sending passwords or other sensitive data.

    Data Visibility in URLs

    Data as a part of URL are recorded in the browser history for GET requests.

    Stateless Nature of Web Server

    Web servers are designed to be stateless.

    HTTP Request Handling

    Each HTTP request will be considered as a separate request even if the requests are related.

    Multiple Requests

    A user may send multiple requests, each request will be sent as a separate TCP connection.

    Request Processing

    Each request will be handled by different processes/threads.

    State Maintenance

    Web server software will not maintain the state of the requests.

    Stateful Web Applications

    Web applications developed to be used by users are meant to be stateful.

    Why do web applications not know if multiple visits belong to the same user?

    Because the web is stateless.

    Can websites use IP addresses to track user requests?

    Technically no, because IP addresses change.

    What do websites use to keep track of a user?

    HTTP Cookies.

    What are HTTP Cookies used for?

    To save information on the client side.

    Who saves cookies in web applications?

    The browser.

    What do browsers do with cookies?

    Attach cookies in every request.

    Session Cookies

    A cookie that stores session ID.

    Session ID

    Identifies a session.

    Session Data

    Typically maintained on the server.

    Session ID Purpose

    Given to the browser to identify a user.

    Session Creation

    Typically created after user login.

    Access Control

    Having the session ID equals having access.

    Security Sensitivity

    Session ID is security sensitive.

    Session ID Format

    A random number.

    What does Ajax stand for?

    Asynchronous JavaScript and XML

    What is the primary use of Ajax in web development?

    To create interactive web applications.

    How does Ajax enhance web page functionality?

    It allows JavaScript to send HTTP requests to a web server in the background without reloading the entire page.

    What happens when the server responds to an Ajax request?

    The browser uses a callback function to update the data on the page.

    What is a callback function in the context of Ajax?

    A function that is executed after the server response is received, updating the web page with the new data.

    Same Origin Policy

    A default security policy applied on Ajax.

    Ajax Request

    If a page initiating the Ajax comes from a web server A, only response from the same web server can be given to the call back function.

    Successful Ajax Response

    The Ajax request will successfully get the response if the page holding the JavaScript code comes from the same web server.

    Why is cross-origin access blocked?

    To compromise privacy.

    What policy is enforced to manage cross-origin access?

    Same-origin policy.

    What does Ajax code in a Facebook page allow?

    Access to the user's Facebook data.

    What does Ajax code in a Facebook page not allow?

    Access to the user's Google data.

    What is the same-origin policy?

    A security measure that restricts how documents or scripts from one origin can interact with resources from another origin.

    What is CORS?

    Cross-Origin Resource Sharing, a standard that allows cross-origin Ajax requests.

    What does CORS allow?

    It allows web applications to make requests to domains other than the one that served the web page.

    How does a server grant permissions in CORS?

    By providing a whitelist of allowed origins.

    What is an example of a site that implements CORS?

    www.bank99.com