Академический Документы
Профессиональный Документы
Культура Документы
Internet Architecture
It is a Meta-Network, a constantly changing collection of thousands of individual network
intercommunicating with a common protocol. Internet architecture is based on the TCP/IP
protocol, to connect any two networks which may be very different in internal hardware,
software & technical design.
Circuit switching
Phone network generally uses circuit switching. It has fixed bit rate. Circuit switching has no
fault tolerance capacity. Circuit switching components are extremely reliable. Circuit
switching has global application-level knowledge throughout network.
Packet switching
In packet switching each end-end data stream divided into packets. Each packet uses full link
bandwidth. Resources are used as needed. Resources are shared on demand. It has variable
bit rate. Packet switching has fault tolerance capacity. Packet switching components
are not extremely reliable.
Hourglass design
End-to-end principle leads to Hourglass design of protocols. In Hourglass design
Minimal required elements are at narrowest point. Hourglass design simplicity allows fast
deployment of multi-vendor, multi-provider public network. It is easy to implement.
Hardware requirement is also minimal. There are two dominant services layered above IP.
TCP Transmission Control Protocol which provides connection-oriented service and UDP
User Datagram Protocol which provides connectionless service.
Time-variant: content changes over time stock quote, weather report generated using
scripts on server
Inactive: document has no internal meaning just syntax pure HTML
Active: document contains program JavaScript, Java applet, VB code, Flash animation
Is addressed by: Uniform Resource Locator, URL
Is-communicated-via HTTP
Internet Protocol
The Internet Protocol (IP) is a network-layer (Layer 3) protocol that contains addressing
information and some control information that enables packets to be routed.
Along with the Transmission Control Protocol (TCP), IP represents the heart of the Internet
protocols.
IP has two primary responsibilities
1. Providing connectionless, best-effort delivery of datagram through an internetwork
2. Providing fragmentation and reassembly of datagram to support data links with different
maximum-transmission unit (MTU) sizes.
IP Packet Format
An IP packet contains several types of information, as illustrated in Fig.
Versionindicates the version of IP currently used. IP Header Length (IHL)indicates the
datagram header length in 32-bit words.
Type-of-ServiceSpecifies how an upper-layer protocol would like a current datagram to
be handled, and assigns datagram various levels of importance.
Total Lengthspecifies the length, in bytes, of the entire IP packet, including the data and
header.
IdentificationContains an integer that identifies the current datagram. This field is used to
help piece together datagram fragments.
Flagsconsist of a 3-bit field of which the two low-order (least-significant) bits control
fragmentation. The low-order bit specifies whether the packet can be fragmented. The middle
bit specifies whether the packet is the last fragment in a series of fragmented packets. The
third or high-order bit is not used.
Fragment Offsetindicates the position of the fragments data relative to the beginning of
the data in the original datagram, which allows the destination IP process to properly
reconstruct the original datagram.
Time-to-Livemaintains a counter that gradually decrements down to zero, at which point
the datagram is discarded. This keeps packets from looping endlessly.
ProtocolIndicates which upper-layer protocol receives incoming packets after IP
processing is complete.
Header Checksumhelps ensure IP header integrity.
3
IP Address Format
The 32-bit IP address is grouped eight bits at a time, separated by dots, and represented in
decimal format (known as dotted decimal notation). Each bit in the octet has a binary weight
(128, 64, 32, 16, 8, 4, 2, 1). The minimum value for an octet is 0, and the maximum value for
an octet is 255. Figure 30-3 illustrates the basic format of an IP address.
IP Address Classes
IP addressing supports 5 different address classes: A, B, C, D, and E. Only classes A, B, and
C are available for commercial use. The left-most (high-order) bits indicate the network class.
IP Subnet Addressing
IP networks can be divided into smaller networks called sub networks (or subnets).
Subnetting provides the network administrator with several benefits, including extra
flexibility, more efficient use of network addresses, and the capability to contain broadcast
traffic. A given network address can be broken up into many sub networks. For example,
172.16.1.0, 172.16.2.0, 172.16.3.0, and 172.16.4.0 are all subnets within network 171.16.0.0.
(All 0s in the host portion of an address specifies the entire network.)
Web Server
Definition: Program that understands the HTTP protocol and generates appropriate
responses is called web server.
Generally clients connect to the machine and send a request then server reads request,
generates response and client interprets response appropriately.
Client asks for file and server finds appropriate file then server sends back a response
header followed by the requested files data and at last server closes connection.
Web server and client communicate with platform-independent Hypertext Transfer Protocol
(HTTP).
HTTP request methods
get
post
Retrieve and send client form data to Web server
Post data to a server-side form handler
System Architecture
Multi-tier application (n-tier application)
Information tier (data or bottom tier)
4
Web Application
A web application is an application that is accessed by users over a network such as the
Internet or an intranet.
The term may also mean a computer software application that is coded in a browser
supported programming language (such as JavaScript, combined with a browser-rendered
markup language like HTML).
5
Web applications are popular due to the ubiquity of web browsers, and the convenience of
using a web browser as a client, sometimes called a thin client.
The ability to update and maintain web applications without distributing and installing
software on potentially thousands of client computers is a key reason for their popularity, as
is the inherent support for cross platform compatibility.
Common web applications include webmail, online retail sales, online auctions, wikis and
many other functions.
Web developers often use client-side scripting to add functionality, especially to create an
interactive experience that does not require page reloading.
Ajax, a web development technique using a combination of various technologies, is an
example of technology which creates a more interactive experience.
Applications are usually broken into logical chunks called "tiers", where every tier is
assigned a role.
Examples of browser applications are simple office software (word processors, online
spreadsheets, and presentation tools), but can also include more advanced applications such
as project management, computer-aided design, video editing and point-of-sale.
1. Input Validation
The following practices improve your Web application's input validation:
Assume all input is malicious.
Centralize your approach.
Do not rely on client-side validation.
Be careful with canonicalization issues.
2. Authentication
Authentication is the process of determining caller identity. There are three aspects to
consider:
1.
Identify where authentication is required in your application. It is generally
required whenever a trust boundary is crossed.
2.
Validate who the caller is. Users typically authenticate themselves with
user names and passwords.
3.
Identify the user on subsequent requests. This requires some form of
authentication token.
The following practices improve your Web application's authentication:
Separate public and restricted areas.
Use account lockout policies for end-user accounts.
Support password expiration periods.
Be able to disable accounts.
Do not store passwords in user stores.
Require strong passwords.
Do not send passwords over the wire in plaintext.
Protect authentication cookies.
3. Authorization
Authorization determines what the authenticated identity can do and the resources that can be
accessed.
The following practices improve your Web application's authorization:
Restrict user access to system-level resources.
Consider authorization granularity.
4. Configuration Management
Most applications require interfaces that allow content developers, operators, and
administrators to configure the application and manage items such as Web page content, user
accounts, user profile information, and database connection strings.
The following practices improve the security of your Web application's configuration
management:
Secure your administration interfaces.
Secure your configuration store.
Maintain separate administration privileges.
Use least privileged process and service accounts.
5. Sensitive data
Applications that deal with private user information such as credit card numbers, addresses,
medical records, and so on should take special steps to make sure that the data remains
private and unaltered.
The following practices improve the security of your Web application's handling of secrets:
Do not store secrets if you can avoid it.
Do not store secrets in code.
Do not store database connections, passwords, or keys in plaintext.
Avoid storing secrets in the Local Security Authority (LSA).
Use Data Protection API (DPAPI) for encrypting secrets.
6. Session Management
Web applications are built on the stateless HTTP protocol, so session management is an
application-level responsibility.
The following practices improve the security of your Web application's session
management:
Use SSL to protect session authentication cookies.
Encrypt the contents of the authentication cookies.
Limit session lifetime.
Protect session state from unauthorized access.
7. Cryptography
Web applications frequently use cryptography to secure data in persistent stores or as it is
transmitted across networks.
The following practices improve your Web application's security when you use cryptography:
Do not develop your own cryptography.
Keep unencrypted data close to the algorithm.
Use the correct algorithm and correct key size.
Secure your encryption keys.
8. Parameter Manipulation
This may be data sent using query strings, form fields, cookies, or in HTTP headers.
The following practices help secure your Web application's parameter manipulation:
Encrypt sensitive cookie state.
Make sure that users do not bypass your checks.
Validate all values sent from the client.
Do not trust HTTP header information.
9. Exception Management
Secure exception handling can help prevent certain application-level denial of service attacks
and it can also be used to prevent valuable system-level information useful to attackers from
being returned to the client.
The following practices help secure your Web application's exception management:
Do not leak information to the client.
Log detailed error messages.
Catch exceptions.
Proxy Server
It is a specialized HTTP Server.
The proxy server acts as an intermediate server that relays requests between a client and a
server.
The proxy server keeps track of all the client-server interactions, which allows you to
monitor exactly what is going on, without having to access the main server.
8
Functions as a firewall.
Protects client computers from Hackers by limiting outside access to clients.
You can use the proxy server to monitor all client-server interaction, regardless of the
communication protocol.
For example, you can monitor the following protocols:
HTTP for Web pages
HTTPS for secure Web pages
SMTP for email messages
Advantages
Terminates the TCP connection before relaying to target host (in and out)
Hide internal clients from external network
Blocking of dangerous URLs
Filter dangerous content
Check consistency of retrieved content
Eliminate need for transport layer routing between networks
Single point of access, control and logging
Disadvantages
Single point of failure
o If the proxy dies , no one can get to the external network
Client software must usually be designed to use a proxy
Proxies must exist for each service
Doesnt protect the OS
o Proxies run at the application level
Create a service bottleneck
o solved via parallelism (more proxies, and load balance)
Allows an external executable file to respond to an HTTP Request from the browser.
CGI defines how information is passed from the web server to the executable program and
how information is passed from this back to the server.
A CGI script must be an executable file (have x rights) and must have the .cgi extension
The CGI script must be placed in the cgi-bin directory in the public_html directory of the
user.
Drawbacks of CGI
Because no special web-oriented language is used for writing CGI scripts (e.g. shell, Perl,
c/c++, python etc.) errors are highly probable and so, security vulnerabilities due to these
problems
Usually a new process is created for each run of a CGI script; this increases the load on the
server
CGI scripts are executable file; they can write/delete from the local disk, so this is security
vulnerability.
Cookies
A cookie is a small text file that JavaScript can use to store customized information about a
user.
JavaScript deals with cookies as objects.
Specifically, JavaScript works with cookies using the document. Cookies attribute.
We can read information from cookies by examining the document. Cookie object.
Types of cookies
10
1. Session Cookies
A browser stores session cookies in memory.
Once a browser session ends, browser loses the contents of a session cookie.
2. Persistent Cookies
Browsers store persistent cookies to a users hard drive.
We can use persistent cookies to customize information about a user that we
can use when the user returns to a website at a later date.
Setting a Cookie
window.document.cookie = cookieName = cookieValue [; expires = expireDate] [; path =
pathName] [; domain = domainName] [; secure];
Calling SetCookie ()
We can call the SetCookie () function from the Cookie Library using the following syntax:
SetCookie (name, value [, expires] [, path] [, domain] [, secure] );
Calling DeletCookie ()
We can call the DeletCookie () function from the Cookie Library using the following syntax:
DeletCookie (name, [, path] [, domain]);
Modifying a Cookie
We can call the SetCookie () function from the Cookie Library to modify a cookie.
Overwriting the previous cookie.
Limitations
A given domain may only set 20 cookies per machine.
A single browser may only store 300 cookies.
Browsers limit a single cookie to 4KB.
Search Engines
Search engine Helps people find what theyre looking for. Search starts with an
information need, Convert to a query and Gets results.
Search cant find whats not there.
Search is Mostly Invisible.
Search engine makes a Searchable Index.
Web crawlers
Web pages are few thousand characters long.
Web pages are served through the internet using the hypertext transport protocol (HTTP).
Web pages are viewed at client end using `browsers.
Crawler will fetch the pages to the computer.
At the computer automatic programs can analyze hypertext documents.
Crawling procedure is simple.
Crawler start from a given set of URLs
o Progressively fetch and scan them for new out linking URLs
o Fetch these pages in turn..
o Submit the text in page to a text indexing system
Structure of a crawler
Each page is stored in compressed form to disk/tape
Each page is scanned for outlinks
Work pool of outlinks maintain network utilization without overloading it
Page fetching threads finishes when the entire page has been fetched
Continue till the crawler has collected a sufficient number of pages.
Web Services
Web services is an effort to build a distributed computing platform for the Web.
Web service applications are encapsulated, loosely coupled Web components that can
bind dynamically to each other.
Web services are software components that communicate using pervasive, standards-based
Web technologies including HTTP and XML-based messaging.
Web services are powered by XML and three other core technologies: WSDL, SOAP, and
UDDI.
Plug-in Module
A plug-in (or plugin) is a software component that adds a specific feature to an existing
software application.
When an application supports plug-ins, it enables customization.
The common examples are the plug-ins used in web browsers to add new features such as
search-engines, virus scanners, or the ability to utilize a new file type such as a new video
format. Well-known browser plug-ins include the Adobe Flash Player, the QuickTime Player,
and the Java plug-in, which can launch a user-activated Java applet on a web page to its
execution a local Java virtual machine.
Add-on (or addon) in computing is the general term comprising snap-ins, plug-ins,
extensions, and themes for software applications.
Mechanism
15
As shown in the figure, the host application provides services which the plug-in can use,
including a way for plug-ins to register themselves with the host application and a protocol
for the exchange of data with plug-ins.
Plug-ins depend on the services provided by the host application and do not usually work by
themselves.
Conversely, the host application operates independently of the plug-ins, making it possible
for end-users to add and update plug-ins dynamically without needing to make changes to the
host application.
Open application programming interfaces (APIs) provide a standard interface, allowing
third parties to create plug-ins that interact with the host application.
A stable API allows third-party plug-ins to continue to function as the original version
changes and to extend the life-cycle of obsolete applications.
The Adobe Photoshop and After Effects plug-in APIs have become a standard and
competing applications such as Corel Paint Shop Pro have adopted them.
One obvious application for this mechanism is to ensure consistency of nomenclature; another,
more significant one, is to counter the notorious inability of different computer systems to
understand each others character sets, or of any one system to provide all the graphic characters
needed for a particular application, by providing descriptive mappings for non-portable
characters.
The strings defined by this string-substitution mechanism are called entities.
There are already several working, multi-user systems implemented on top of VRML
proof that the incremental approach is working.
VRML is not a programming library for application developers. Since VRML is based on
the Open Inventor file format, many people assume that it also provides the rich
programming interfaces and tools included in the Open Inventor toolkit.
In actuality, VRML is an extended subset of Open Inventor's file format and does not define
an application programme interface (API).
The fact that VRML includes scripting language integration tends to promote this
misconception. Scripting language capabilities are predominantly intended for authors who
need more power or integration.
After much discussion it was decided to base the language on the Open Inventor
ASCII File Format from Silicon Graphics, Inc.
The Inventor File Format supports complete descriptions of 3D scenes with polytonally
rendered objects, lighting, materials, ambient properties and realism effects.
A subset of the Inventor File Format, with extensions to support networking, forms the basis
of VRML.
VRML is designed to meet the following requirements:
Platform independence
Extensibility
Ability to work well over low-bandwidth connections
As with HTML, the above are absolute requirements for a network language standard.
The initial version was VRML 1.0. Subsequent developments have led to VRML 2.0 and
most recently VRML97.
All that is needed is an ordinary editor such as Notepad to edit the code and a renderer to
draw the scene from the instructions contained in the file. For a web-bases environment this
means the browser used to interpret the file must have a plug-in to draw the scene and
interpret the manipulation of the graphics.
The browser plug-in being used is Cosmo Player. You can download this free onto any
machine.
To display the model in a browser window simply run the .wrl file using explorer or
Netscape
Language Basics
General Syntax
For easy identification of VRML files, every VRML file must begin with the characters:
#VRML V1.0 ascii (or #VRML V2.0 utf8 )
Any characters after these on the same line are ignored.
The line is terminated by either the ASCII newline or carriage-return characters.
The '#' character begins a comment; all characters until the next newline or carriage return
are ignored. The only exception to this is within string fields, where the '#' character will be
part of the string.
Blanks, tabs, newlines and carriage returns are whitespace characters wherever they appear
outside of string fields. One or more whitespace characters separates the syntactical entities in
VRML files, where necessary.
After the required header, a VRML file contains exactly one VRML node. That node may
of course be a group node, containing any number of other nodes.
Coordinate System
VRML uses a cartesian, right-handed, 3-dimensional coordinate system. By default,
objects are projected onto a 2-dimensional device by projecting them in the direction
of the positive Z axis, with the positive X axis to the right and the positive Y axis up.
A camera or modeling transformation may be used to alter this default projection.
The standard unit for lengths and distances specified is meters. The standard unit for
19
angles is radians.
An example program
What is XML?
The Extensible Markup Language (XML) is a flexible, nonproprietary set of standards for
annotating or tagging information so that it can be transmitted over a network and readily
interpreted by disparate computer systems.
XML is not really a language in itself, but a specification for creating markup languages.
Some industries and organizations have formed their own XML tag vocabularies to facilitate
data exchange.
By creating XML tags for their specific needs, application developers have been able to
create XML applications that are specific to their industry. This is why it is called extensible.
The term XML is also used to refer to the family of technologies that perform special
functions on XML files.
Like HTML, XML is a markup language. XML text files are comprised of data mixed in
with opening and closing tags. These tags markup the text they surround.
In HTML, there are a finite number of tags to use and the tags control the display of text.
Web browsers interpret the tags and render a page accordingly.
In an XML file, the tags usually provide a semantic description of what is inside.
In other words, XML provides a facility to define tags and the structural relationships
between them. The tag structure is strict and hierarchical, but the application developer can
use as many tags as needed for their application (see Example 4).
XML files that are used for a specific application must be well formed and valid.
Well Formed XML
If XML files meet the following criteria, they are considered well formed:
There is only one root element,
XML tags can be nested but must not overlap,
Every starting tag must have a corresponding closing tag; and,
Element names must obey XML naming conventions.
Example 1:
<b> John Doe </b>
In a web browser, this would show
bold text
<b> start tag
</b> end tag.
<b> John Doe </b> element
Example 2: A well-formed XML file:
<NAME>
<FIRST>John</FIRST>
<MIDDLE>Robert</MIDDLE>
<LAST>Doe</LAST>
</NAME>
The hierarchy is unambiguous,
<NAME></NAME> tag pair comprise the root element,
<FIRST>, <MIDDLE> and <LAST> are nested and subordinate to
<NAME>; and,
All the tags have a corresponding end tag.
20
Introduction to XHTML
What is XHTML?
21
XHTML is an extension of HTML designed to work with XML user agents. The current
version is XHTML1.1.
HTML is a standard language for publishing on the World Wide Web.
HTML is an application of SGML (Standard Generalized Markup Language).
SGML is the de facto standard for describing markup languages particularly those used in
electronic format but not necessarily for the internet. HTML specifies only a small set of
structural and semantic tags.
HTML has support for hypertext and multimedia.
Differences between XHTML with HTML
Documents must be well formed.
All elements must be properly nested, inner tags are closed before outer tags.
Elements and attribute names must be in lower case.
For non-empty elements, end tags are required.
Attribute values must always be quoted.
Empty elements must either have an end tag or the start tag must end with />.
Document Type Definition (DTD) is a collection of XML markup definitions that defines
the legal structure of the language.
There are three variations of the DTDs for XHTML - strict, transitional, and frameset. An
XHTML document must conform to one of them and the declaration should be the first line
of code.
<! DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<! DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<! DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
<! DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
The root element of an XHTML document must be html and the XHTML namespace has to
be declared:
<html xmlns="http://www.w3.org/1999/xhtml">
Paragraphs
Use <p></p> tag to delineate paragraphs. The <pre></pre> tag tells browsers that the
enclosed text is preformatted.
Browsers may then leave white space, render text in monospace font, and disable automatic
word wrap.
Headers
Links
Links can take the viewer to a resource on the same computer or on a different computer.
The syntax for the link is:
<a href = "path/to/file"> ... </a>
The path could be an absolute path (http://www.google.com) or a relative path
(/events/default.asp).
22
An internal link would take the viewer to a different part of the same document. For
example this internal link will take me to the section on forms. (#forms) Note the use of
tags.
Instead of a path you can insert an email address elota.patton@mail.utexas.edu
(mailto:elota.patton@mail.utexas.edu). This will bring up an e-mail form for the user.
Images
Use the <img />element to include graphics. The height and width attributes are given in
pixels. It is good practice to only set the width and not the height. The alt, which is
displayed the case the image is not or when you hover over the image, is required. (<img
src="./NGC1300.jpg" width="300" alt="Image of galaxy" />)
Line Breaks
Line breaks are introduced with < br />.
Horizontal Line
Now we will introduce a horizontal line with the <hr /> element.
Special Characters
Here is a list of special characters in XHTML. You can write these characters in two ways either using the English
mnemonic or the hexadecimal code. For example the ampersand symbol can be written as:
& or & Others
include (non-breaking space), © (), < (<), and > (>).
Lists - Unordered, Ordered, and Definition
Unordered list:
red
blue
yellow
green
o light green
o dark green
<ul>
<li> red </li>
<li> blue </li>
<li> yellow </li>
<li> green
<ul>
<li>light green</li>
<li>dark green</li>
</ul>
</li>
</ul>
Ordered list:
1. One
2. Two
3. Three
23
<ol>
<li> One </li>
<li> Two </li>
<li> Three </li>
</ol>
Definition list:
<dl>
<dt> Client </dt>
<dd> A software program that makes a request for a resource using HTTP.</dd>
<dt> Server </dt>
<dd> Machine that hosts the resources and services requests from client programs.</dd>
</dl>
Client : A software program that makes a request for a resource using HTTP.
Server : A machine that hosts the resources and services requests from client programs.
Tables
A table has a border, caption, head, foot, and body. The body is made out of cells spanning
rows and columns.
Distribution of Rhinoceroses
Type
Population
Black Rhino
3610
White Rhino
11100
Indian Rhino
2400
Javan Rhino
60
Sumatran Rhino 300
Total
17470
2
3
Forms
A form has the following components:
Buttons like Submit and Reset
Text field and area
Checkboxes
Radio Buttons
Menus - Single or Multiple Selections
A form must specify the method by which the data is transported - GET or POST.
The action attribute, which is the location of the script on the server side that will process the
form data, is required. Borderless nested tables can be used to align and present the form
elements.
Here is an example of a simple survey form.
Name:
Comments:
E-mail Address:
Things you liked:
Site Design Links Ease of Use Images
How did you get to our site?
Search Engine
Link from another site
Reference in a book
Rate our site: Excellent
Other
Enter Clear
The meta element allows search engine to know what is in the web page without having to go
through every line.
This element has two attributes: name and content. The name attribute can have two values
keywords or description.
The meta element is placed in the head section of the page.
<meta name = "keywords" content = "XHTML, Paragraphs, Headers, Lists, Tables, Forms"
/>
<meta name = "description" content = "This page gives a brief introduction to the XHTML
syntax." />
What are Web server interfaces used for? Give an example.
Web interfaces provide a means of exposing data within a database to the Internet and
initiating transactions with it.
Depending on how the interface is configured, it may be another application accessing the
exposed parts of the database or an individual surfing the web via their browser.
The software managing the user interface, be it JAVA, PHP or .NET, will perform data
integrity and manage access to the database.
It is important to remember that applications placed on the Web are stateless, what we see
in the web browser may not necessarily reflect the current state of the data in the database,
but rather what the state of the data was at the time it was accessed.
For instance, weather.com may provide an accurate forecast within a few hours of the page
being loaded, but, the longer we go without refreshing the page, the more removed from that
state of data we become. After a day, even the date displayed on the page is no longer valid if
we do not refresh its state.
Client-side scripting
Client-side scripting is changing interface behaviors within a specific web page in response
to mouse or keyboard actions, or at specified timing events. In this case, the dynamic
behavior occurs within the presentation.
The Client-side content is generated on the user's local computer system.
Such web pages use presentation technology called rich interfaced pages. Client-side
scripting languages like JavaScript or ActionScript, used for Dynamic HTML (DHTML) and
26
Flash technologies respectively, are frequently used to orchestrate media types (sound,
animations, changing text, etc.) of the presentation.
The scripting also allows use of remote scripting, a technique by which the DHTML page
requests additional information from a server, using a hidden Frame[disambiguation needed],
XMLHttpRequests, or a Web service.
The first "widespread used" version of JavaScript was in 1996 (with Netscape 3 an
ECMAScript standard).
Server-side scripting
A program running on a web server (server-side scripting) is used to change the web content
on various web pages, or to adjust the sequence of or reload of the web pages. Server
responses may be determined by such conditions as data in a posted HTML form, parameters
in the URL, the type of browser being used, the passage of time, or a database or server state.
Such web pages are often created with the help of server-side languages such as ASP,
ColdFusion, Perl, PHP, Ruby, WebDNA and other languages. These server-side languages
often use the Common Gateway Interface (CGI) to produce dynamic web pages. Three
notable exceptions are ASP.NET, JSP, and LSP, which reuse CGI concepts in their APIs but
actually dispatch all web requests into a shared virtual machine.
Dynamic web pages are often cached when there are few or no changes expected and the
page is anticipated to receive considerable amount of web traffic that would create slow load
times for the server if it had to generate the pages on the fly for each request.
Combination
Ajax is a web development technique for dynamically interchanging content which sends a
request to the server for data. The server returns the requested data which is then formatted
by a client side script.
This technique reduces server load time because the client does not request the entire
webpage to be regenerated by the server's language parser; only the content that will change
is transmitted.
Google Maps is an example of a web application that uses Ajax techniques.
A Web client program (such as a web browser) can access data from many different servers,
such as Gopher, FTP, NNTP (Usenet) or HTTP. The HTTP server was designed specifically
for the Web, and employs a protocol (system of messages) that supports sending documents
from the server to a browser, and that also support sending complex data from the client back
to the server.
There are several HTTP methods for doing this (in HTTP, methods is a technical term for
the way in which data are sent between a client browser and server).
Scripting language
A scripting language or script language is a programming language that supports the writing
of scripts, programs written for a software environment that automate the execution of tasks
which could alternatively be executed one-by-one by a human operator. Environments that
can be
automated through scripting include software applications, web pages within a web browser,
the shellsof operating systems, and several general
purpose and domain-specific languages such as those for embedded systems.
Scripts can be written and executed "on-the-fly", without explicit compile and link steps;
they are typically created or modified by the person executing them.
A scripting language is usuallyinterpreted from source code or bytecode. By contrast, the
software environment the scripts are written for is typically written in a compiled language
and distributed in machine code form; the user may not have access to its source code, let
alone be able to modify it.
The spectrum of scripting languages ranges from very small and highly domain-specific
languages to general-purpose programming languages.
The term script is typically reserved for small programs (up to a few thousand lines of code).
27
JavaScript began as and primarily still is a language for scripting inside web browsers;
however, the standardization of the language as ECMAScript has made it popular as a
general purpose embeddable language.
In particular, the Mozilla implementation SpiderMonkey is embedded in several
environments such as the Yahoo! Widget Engine.
Other applications embedding ECMAScript implementations include the Adobe products
Adobe Flash (ActionScript) and Adobe Acrobat (for scripting PDF files).
Tcl was created as an extension language but has come to be used more frequently as a
general purpose language in roles similar to Python, Perl,
and Ruby.
On the other hand, Rexx was originally created as a job control language, but is widely used
as an extension language as well as a general purpose language.
Other complex and task-oriented applications may incorporate and expose an embedded
programming language to allow their users more control and give them more functionality
than can be available through a user interface, no matter how sophisticated.
For example, Autodesk Maya 3D authoring tools embed the MEL scripting language, or
Blender which has Python to fill this role.
Some other types of applications that need faster feature addition or tweak-and-run cycles
(e.g. game engines) also use an embedded language.
During the development, this allows them to prototype features faster and tweak more
freely, without the need for the user to have intimate knowledge
of the inner workings of the application or to rebuild it after each tweak (which can take a
significant amount of time.)
The scripting languages used for this purpose range from the more common and more
famous Lua and Python to lesser-known ones such as AngelScript and Squirrel.
Ch is another C compatible scripting option for the industry to embed into C/C++
application programs.
Market analysis
According to a global survey performed by Evans Data in 2008,[9] the most widespread
scripting language is JavaScript.
The second most widespread is PHP.
Perl is the third most widespread scripting language, but in North America it enjoys
significantly more popularity.
Example(Java Script)
<html>
<body>
<p>Click the button to demonstrate the prompt box.</p>
<button onclick="myFunction()">Try it</button>
<p id="demo"></p>
<script>
function myFunction()
{
var x;
var name=prompt("Please enter your name","Harry Potter");
if (name!=null)
{
x="Hello " + name + "! How are you today?";
document.getElementById("demo").innerHTML=x;
}
}
</script>
</body>
</html>
29