Advanced Internet Technology (730202)

Internet Architecture
It is a Meta-Network, a constantly changing collection of thousands of individual network
intercommunicating with a common protocol. Internet architecture is based on the TCP/IP
protocol, to connect any two networks which may be very different in internal hardware,
software & technical design.

Goals of internet architecture

1. Continue despite loss of networks or gateways
2. Support multiple types of communication service
3. Accommodate a variety of networks
4. Permit distributed management of Internet resources
5. Cost effective
6. Host attachment should be easy
7. Resource accountability

Circuit switching
Phone network generally uses circuit switching. It has fixed bit rate. Circuit switching has no
fault tolerance capacity. Circuit switching components are extremely reliable. Circuit
switching has global application-level knowledge throughout network.

Packet switching
In packet switching each end-end data stream divided into packets. Each packet uses full link
bandwidth. Resources are used as needed. Resources are shared on demand. It has variable
bit rate. Packet switching has fault tolerance capacity. Packet switching components
are not extremely reliable.

Problems with packet switching

Packet loss and queuing delay

Packets queue in router buffers
Packet arrival rate exceeds output link capacity
Packets queue, wait for turn
Packet arrives to full queue, it is dropped (acknowledgement lost)
Lost packet may be retransmitted by previous node, by source end system, or not
retransmitted at all.

Packet switching versus Circuit switching

Analogy
Zip cars vs. privately owned cars
Zip cars (packet-switching)
Many users share a single car
Large demand for cars causes users to delay usage
Car is more efficiently used
Privately owned cars (circuit-switching)
Single user
Guaranteed access for user
Car is not used as efficiently
Internet architecture provides end-to-end principle and Hourglass
design. End-to-end principle suggest that where to put functionality? At the network
or at the edges. End-to-end functions are best handled by end-to-end protocols. Phone
network has dumb edge devices, intelligent network. Internet has dumb network,
intelligent edge devices.

Hourglass design
End-to-end principle leads to Hourglass design of protocols. In Hourglass design
Minimal required elements are at narrowest point. Hourglass design simplicity allows fast
deployment of multi-vendor, multi-provider public network. It is easy to implement.
Hardware requirement is also minimal. There are two dominant services layered above IP.
TCP Transmission Control Protocol which provides connection-oriented service and UDP
User Datagram Protocol which provides connectionless service.

Advantage of End-to-end principle and the Hourglass design

Basic network functionality allowed for extremely quick adoption
and deployment using simple devices.

Disadvantage of End-to-end principle and the Hourglass design

New network features and functionality are impossible to deploy,
requiring widespread adoption within the network.

World Wide Web

The WWW is an N/W that links computer together via a world wide web communication
N/W.
WWW is a branch of the internet that provides access to hyperlinked information.
Hyperlinked information constitutes resources that are linked to other information
resources.
WWW is only one Internet service and generally refers to a collection of hyperlinked web
pages.
WWW documents are identified by URLs.
It is client-server architecture -> client initiates communication server is listening and
responding to requests.
Servers are computers that store information for use by clients.
A server may provide various internet services.
It can be a web server, E-Mail server and news server etc.

WWW document (Web page)

Block of data available on the World-Wide Web and identified by a URL
Stored on web server displayable by a web browser
Files written in HTML may refer to images, other web pages and Internet resources using
hyperlinks
Can be in any format format is transmitted together with document
Time-invariant (static): content remains stable over time press release
2

 Time-variant: content changes over time stock quote, weather report generated using
scripts on server
Inactive: document has no internal meaning just syntax pure HTML
Active: document contains program JavaScript, Java applet, VB code, Flash animation
Is addressed by: Uniform Resource Locator, URL
Is-communicated-via HTTP

Internet Protocol
The Internet Protocol (IP) is a network-layer (Layer 3) protocol that contains addressing
information and some control information that enables packets to be routed.
Along with the Transmission Control Protocol (TCP), IP represents the heart of the Internet
protocols.
IP has two primary responsibilities
1. Providing connectionless, best-effort delivery of datagram through an internetwork
2. Providing fragmentation and reassembly of datagram to support data links with different
maximum-transmission unit (MTU) sizes.

IP Packet Format
An IP packet contains several types of information, as illustrated in Fig.
Versionindicates the version of IP currently used. IP Header Length (IHL)indicates the
datagram header length in 32-bit words.
Type-of-ServiceSpecifies how an upper-layer protocol would like a current datagram to
be handled, and assigns datagram various levels of importance.
Total Lengthspecifies the length, in bytes, of the entire IP packet, including the data and
header.

IdentificationContains an integer that identifies the current datagram. This field is used to
help piece together datagram fragments.
Flagsconsist of a 3-bit field of which the two low-order (least-significant) bits control
fragmentation. The low-order bit specifies whether the packet can be fragmented. The middle
bit specifies whether the packet is the last fragment in a series of fragmented packets. The
third or high-order bit is not used.
Fragment Offsetindicates the position of the fragments data relative to the beginning of
the data in the original datagram, which allows the destination IP process to properly
reconstruct the original datagram.
Time-to-Livemaintains a counter that gradually decrements down to zero, at which point
the datagram is discarded. This keeps packets from looping endlessly.
ProtocolIndicates which upper-layer protocol receives incoming packets after IP
processing is complete.
Header Checksumhelps ensure IP header integrity.
3

 Source AddressSpecifies the sending node.

Destination AddressSpecifies the receiving node.
OptionsAllows IP to support various options, such as
security.
DataContains upper-layer information.

IP Address Format
The 32-bit IP address is grouped eight bits at a time, separated by dots, and represented in
decimal format (known as dotted decimal notation). Each bit in the octet has a binary weight
(128, 64, 32, 16, 8, 4, 2, 1). The minimum value for an octet is 0, and the maximum value for
an octet is 255. Figure 30-3 illustrates the basic format of an IP address.

IP Address Classes
IP addressing supports 5 different address classes: A, B, C, D, and E. Only classes A, B, and
C are available for commercial use. The left-most (high-order) bits indicate the network class.

IP Subnet Addressing
IP networks can be divided into smaller networks called sub networks (or subnets).
Subnetting provides the network administrator with several benefits, including extra
flexibility, more efficient use of network addresses, and the capability to contain broadcast
traffic. A given network address can be broken up into many sub networks. For example,
172.16.1.0, 172.16.2.0, 172.16.3.0, and 172.16.4.0 are all subnets within network 171.16.0.0.
(All 0s in the host portion of an address specifies the entire network.)

Web Server
Definition: Program that understands the HTTP protocol and generates appropriate
responses is called web server.
Generally clients connect to the machine and send a request then server reads request,
generates response and client interprets response appropriately.
Client asks for file and server finds appropriate file then server sends back a response
header followed by the requested files data and at last server closes connection.
Web server and client communicate with platform-independent Hypertext Transfer Protocol
(HTTP).
HTTP request methods
get
post
Retrieve and send client form data to Web server
Post data to a server-side form handler
System Architecture
Multi-tier application (n-tier application)
Information tier (data or bottom tier)
4

 Maintains data for the application

Stores data in a relational database management system (RDBMS)
Middle tier
Implements business logic and presentation logic
Control interactions between application clients and application data
Client tier (top tier)
Applications user interface
Users interact directly with the application through the client tier

Client-Side Scripting versus Server-Side Scripting

o Client-side scripts
Validate user input
Reduce requests needed to be passed to server
Access browser
Enhance Web pages with DHTML, ActiveX controls, and applets
o Server-side scripts
Executed on server
Generate custom response for clients
Wide range of programmatic capabilities
Access to server-side software that extends server functionality

How To Access Web Server

o Request documents from Web servers
Host names
Local Web servers
Access through machine name or local host
Remote Web servers
Access through machine name
Domain name or Internet Protocol (IP) address
Domain name server (DNS)
o Computer that maintains a database of host names and their
corresponding IP address

Microsoft Internet Information Services (IIS)

It is an enterprise-level Web server that is included with Windows.
FTP Site
o Used for transferring large files across the Internet
HTTP Site
o Used most frequently to request documents from Web servers
SMTP Virtual Server
o Sends and receives electronic mail
Web Site Content Directory
o Directory containing the documents that clients will view

Apache Web Server

Currently the most popular Web server
It provides
Stability
Efficiency
Portability
Open-source
Small size

Web Application
A web application is an application that is accessed by users over a network such as the
Internet or an intranet.
The term may also mean a computer software application that is coded in a browser
supported programming language (such as JavaScript, combined with a browser-rendered
markup language like HTML).
5

 Web applications are popular due to the ubiquity of web browsers, and the convenience of
using a web browser as a client, sometimes called a thin client.
The ability to update and maintain web applications without distributing and installing
software on potentially thousands of client computers is a key reason for their popularity, as
is the inherent support for cross platform compatibility.
Common web applications include webmail, online retail sales, online auctions, wikis and
many other functions.
Web developers often use client-side scripting to add functionality, especially to create an
interactive experience that does not require page reloading.
Ajax, a web development technique using a combination of various technologies, is an
example of technology which creates a more interactive experience.
Applications are usually broken into logical chunks called "tiers", where every tier is
assigned a role.
Examples of browser applications are simple office software (word processors, online
spreadsheets, and presentation tools), but can also include more advanced applications such
as project management, computer-aided design, video editing and point-of-sale.

Advantages Of web Application

Web applications do not require any complex "roll out" procedure to deploy in large
organizations. A compatible web browser is all that is needed.
Browser applications typically require little or no disk space on the client.
Web applications integrate easily into other server-side web procedures, such as email and
searching.
They also provide cross-platform compatibility in most cases (i.e., Windows, Mac, Linux,
etc.) because they operate within a web browser window.

Disadvantages Of web Application

Web applications absolutely require compatible web browsers.
Browser applications rely on application files accessed on remote servers through the
Internet. Therefore, when connection is interrupted, the application is no longer usable.
Since many web applications are not open source, there is also a loss of flexibility, making
users dependent on third-party servers, not allowing customizations on the software and
preventing users from running applications offline (in most cases).

Web Application Design Issues

Designing input validation strategies

Partitioning Web sites into open and restricted areas
Implementing effective account management practices
Developing effective authentication and authorization Strategies
Protecting sensitive data
Protecting user sessions
Preventing parameter manipulation
Handling exceptions securely
Securing an application's configuration management features
Listing audit and logging considerations
Some of the top issues that must be addressed with secure design web application are shown
in fig.

1. Input Validation
The following practices improve your Web application's input validation:
Assume all input is malicious.
Centralize your approach.
Do not rely on client-side validation.
Be careful with canonicalization issues.

2. Authentication
Authentication is the process of determining caller identity. There are three aspects to
consider:
1.
Identify where authentication is required in your application. It is generally
required whenever a trust boundary is crossed.
2.
Validate who the caller is. Users typically authenticate themselves with
user names and passwords.
3.
Identify the user on subsequent requests. This requires some form of
authentication token.
The following practices improve your Web application's authentication:
Separate public and restricted areas.
Use account lockout policies for end-user accounts.
Support password expiration periods.
Be able to disable accounts.
Do not store passwords in user stores.
Require strong passwords.
Do not send passwords over the wire in plaintext.
Protect authentication cookies.

3. Authorization
Authorization determines what the authenticated identity can do and the resources that can be
accessed.
The following practices improve your Web application's authorization:
Restrict user access to system-level resources.
Consider authorization granularity.

4. Configuration Management
Most applications require interfaces that allow content developers, operators, and
administrators to configure the application and manage items such as Web page content, user
accounts, user profile information, and database connection strings.
The following practices improve the security of your Web application's configuration
management:
Secure your administration interfaces.
Secure your configuration store.
Maintain separate administration privileges.
Use least privileged process and service accounts.

5. Sensitive data

Applications that deal with private user information such as credit card numbers, addresses,
medical records, and so on should take special steps to make sure that the data remains
private and unaltered.
The following practices improve the security of your Web application's handling of secrets:
Do not store secrets if you can avoid it.
Do not store secrets in code.
Do not store database connections, passwords, or keys in plaintext.
Avoid storing secrets in the Local Security Authority (LSA).
Use Data Protection API (DPAPI) for encrypting secrets.

6. Session Management
Web applications are built on the stateless HTTP protocol, so session management is an
application-level responsibility.
The following practices improve the security of your Web application's session
management:
Use SSL to protect session authentication cookies.
Encrypt the contents of the authentication cookies.
Limit session lifetime.
Protect session state from unauthorized access.

7. Cryptography
Web applications frequently use cryptography to secure data in persistent stores or as it is
transmitted across networks.
The following practices improve your Web application's security when you use cryptography:
Do not develop your own cryptography.
Keep unencrypted data close to the algorithm.
Use the correct algorithm and correct key size.
Secure your encryption keys.

8. Parameter Manipulation
This may be data sent using query strings, form fields, cookies, or in HTTP headers.
The following practices help secure your Web application's parameter manipulation:
Encrypt sensitive cookie state.
Make sure that users do not bypass your checks.
Validate all values sent from the client.
Do not trust HTTP header information.

9. Exception Management
Secure exception handling can help prevent certain application-level denial of service attacks
and it can also be used to prevent valuable system-level information useful to attackers from
being returned to the client.
The following practices help secure your Web application's exception management:
Do not leak information to the client.
Log detailed error messages.
Catch exceptions.

10. Auditing and Logging

You should audit and log activity across the tiers of your application.
The following practices improve your Web application's security:
Audit and log access across application tiers.
Consider identity flow.
Log key events.
Secure log files.
Back up and analyze log files regularly.

Proxy Server
It is a specialized HTTP Server.
The proxy server acts as an intermediate server that relays requests between a client and a
server.
The proxy server keeps track of all the client-server interactions, which allows you to
monitor exactly what is going on, without having to access the main server.
8

 Functions as a firewall.
Protects client computers from Hackers by limiting outside access to clients.
You can use the proxy server to monitor all client-server interaction, regardless of the
communication protocol.
For example, you can monitor the following protocols:
HTTP for Web pages
HTTPS for secure Web pages
SMTP for email messages

How does a proxy server work?

Web proxy server listens for any request from clients.
All requests are forwarded to remote internet servers outside firewall.
Also listens for responses or request from outside the firewall (external servers) and sends
to them to internal client computers.
Usually, all clients with a subnet use the same proxy server.
This makes it possible for the proxy server to cache documents that are requested by one or
more clients (repeatedliy).
For clients using a web proxy server, it is as if they are getting response directly from a
remote server.

Communicating via proxy server

The proxy server acts as both a server system and a client system.
The proxy server uses the header fields passed to it by the browser without modification
when it connects to the remote server.
A complete proxy server should be able to communicate all the Web protocols, the most
important ones being HTTP, FTP, Gopher and WAIS.
When a browser sends a request through a proxy server, the browser always uses HTTP for
the transaction with the proxy server.

Advantages
Terminates the TCP connection before relaying to target host (in and out)
Hide internal clients from external network
Blocking of dangerous URLs
Filter dangerous content
Check consistency of retrieved content
Eliminate need for transport layer routing between networks
Single point of access, control and logging

Disadvantages
Single point of failure
o If the proxy dies , no one can get to the external network
Client software must usually be designed to use a proxy
Proxies must exist for each service
Doesnt protect the OS
o Proxies run at the application level
Create a service bottleneck
o solved via parallelism (more proxies, and load balance)

Common Gateway Interface (CGI)

A standard protocol for interfacing external application software with the web server.
Developed in 1993 at NCSA (National Center for Supercomputing Applications).
CGI 1.1 specified in RFC 3875, 2004.
9

 Allows an external executable file to respond to an HTTP Request from the browser.
CGI defines how information is passed from the web server to the executable program and
how information is passed from this back to the server.
A CGI script must be an executable file (have x rights) and must have the .cgi extension
The CGI script must be placed in the cgi-bin directory in the public_html directory of the
user.

Need for CGI

HTML/XHTML is static, it is not parameterized
Using only HTML/XHTML, CSS and JS one cannot write dynamic web pages: pages that
look differently depending on the user who visit it (client, administrator etc.), pages that
display different products depending on what is in a database, pages that should be displayed
depending on the value of some parameters.
Using only HTML/XHTML, CSS and JS one cannot develop distributed web applications
(e-commerce sites, hotel booking, web search applications etc.)

Drawbacks of CGI
Because no special web-oriented language is used for writing CGI scripts (e.g. shell, Perl,
c/c++, python etc.) errors are highly probable and so, security vulnerabilities due to these
problems
Usually a new process is created for each run of a CGI script; this increases the load on the
server
CGI scripts are executable file; they can write/delete from the local disk, so this is security
vulnerability.

CGI example (in shell)

#!/bin/bash
echo Status: 200 OK
echo Content-Type: text/html
echo
echo
echo "<html><head></head>"
echo "<body>"
echo "Hello world."
echo "</body></html>"

Getting parameters from the client/browser

o Parameters can be passed from the user to the CGI script through an html
<form>
<form action=script.cgi method=GET | POST>
<input type= name=input1 />
<input type= name=input2 />

<input type= name=inputN />

</form>
The script.cgi will get the parameters as:
input1=val1&input2=val2& & inputN=valN
o Parameters can be sent through the GET method (in the HTTP Request header) =>
the CGI script will receive the parameters from the web server in an environment variable
$QUERY_STRING.
o They can be passed through the POST method (in the body of the HTTP Request)
=> the CGI script will receive the parameters from the web server in the standard input.

Cookies
A cookie is a small text file that JavaScript can use to store customized information about a
user.
JavaScript deals with cookies as objects.
Specifically, JavaScript works with cookies using the document. Cookies attribute.
We can read information from cookies by examining the document. Cookie object.

Types of cookies
10

1. Session Cookies
A browser stores session cookies in memory.
Once a browser session ends, browser loses the contents of a session cookie.

2. Persistent Cookies
Browsers store persistent cookies to a users hard drive.
We can use persistent cookies to customize information about a user that we
can use when the user returns to a website at a later date.

Parts of a Cookie Object

name An identifier by which we reference a particular cookie.
value The information we wish to save, in reference to a particular cookie.
expires A GMT-formatted date specifying the date (in milliseconds) when a
cookie will expire.
path Specifies the path of the web server in which the cookie is valid. By default,
set to the path of the page that set the cookie. However, commonly specified to /, the
root directory.
domain Specifies the domain for which the cookie is valid. Set, by default, only to
the full domain of a page. You may wish to extend the domain to include other computers in
your domain.
secure Specifies that a web browser needs a secure HTTP connection to access a
cookie.

Setting a Cookie
window.document.cookie = cookieName = cookieValue [; expires = expireDate] [; path =
pathName] [; domain = domainName] [; secure];

Calling SetCookie ()
We can call the SetCookie () function from the Cookie Library using the following syntax:
SetCookie (name, value [, expires] [, path] [, domain] [, secure] );

Calling DeletCookie ()
We can call the DeletCookie () function from the Cookie Library using the following syntax:
DeletCookie (name, [, path] [, domain]);

Modifying a Cookie
We can call the SetCookie () function from the Cookie Library to modify a cookie.
Overwriting the previous cookie.

Limitations
A given domain may only set 20 cookies per machine.
A single browser may only store 300 cookies.
Browsers limit a single cookie to 4KB.

Search Engines
Search engine Helps people find what theyre looking for. Search starts with an
information need, Convert to a query and Gets results.
Search cant find whats not there.
Search is Mostly Invisible.
Search engine makes a Searchable Index.

What the Index Needs

Basic information for document or record
File name / URL / record ID
Title or equivalent
Size, date, MIME type
Full text of item
More metadata
Product name, picture ID
Category, topic, or subject
Other attributes, for relevance ranking and display

Simple Index Diagram

11

 Text Search vs. Database Query

Text search works for structured content
Keyword search vs. SQL queries
Approximate vs. exact match
Multiple sources of content
Response time and database resources
Relevance ranking, very important
Works in the real world (e.g. EBay)

Search Query Processing

What happens after you click the search button, and before retrieval starts?
Usually in this order
Handle character set, maybe language
Look for operators and organize the query
Look for field names or metadata
Extract words (just like the indexer)
Deal with letter casing

Search and Retrieval

Retrieval: find files with query terms
Not the same as relevance ranking
Recall: find all relevant items
Precision: find only relevant items
Increasing one decreases the other

Why Searches Fail

Empty search
Nothing on the site on that topic (scope)
Misspelling or typing mistakes
Vocabulary differences
Restrictive search defaults
Restrictive search choices
Software failure
12

 Relevance Processing of Search Engine

Sorting documents on various criteria
Start with words matching query terms
Citation and link analysis
Like old library Citation Indexes
Ted Nelson - not only hypertext, but the links
Google PageRank
Incoming links
Authority of linkers

Web crawlers
Web pages are few thousand characters long.
Web pages are served through the internet using the hypertext transport protocol (HTTP).
Web pages are viewed at client end using `browsers.
Crawler will fetch the pages to the computer.
At the computer automatic programs can analyze hypertext documents.
Crawling procedure is simple.
Crawler start from a given set of URLs
o Progressively fetch and scan them for new out linking URLs
o Fetch these pages in turn..
o Submit the text in page to a text indexing system

Structure of a crawler
Each page is stored in compressed form to disk/tape
Each page is scanned for outlinks
Work pool of outlinks maintain network utilization without overloading it
Page fetching threads finishes when the entire page has been fetched
Continue till the crawler has collected a sufficient number of pages.

Typical structure of a large-scale crawler

13

 DNS caching, pre-fetching and resolution

A customized DNS component with..
Custom client for address resolution is tailored for concurrent handling of
multiple outstanding requests.
Custom client allows issuing of many resolution requests together.
Custom client facilitates load distribution among many DNS servers.
Prefetching client is parse a page that has just been fetched
Prefetching client extract host names from HREF targets
Prefetching client Make DNS resolution requests to the caching server
Prefetching client usually implemented using UDP

How to avoid repeated expansion of links on duplicate pages

Reduce redundancy in crawls
Duplicate detection gives mirrored Web pages and sites
o Detecting exact duplicates using checking against MD5 digests of stored
URLs.
Detecting near-duplicates
o Even a single altered character will completely change the digest !

Refreshing crawled pages

Search engine's index should be fresh.
Web-scale crawler never `completes' its job.
High variance of rate of page changes.
Solution is at commencement of new crawling round estimate which pages have
changed.

Web Services
Web services is an effort to build a distributed computing platform for the Web.
Web service applications are encapsulated, loosely coupled Web components that can
bind dynamically to each other.
Web services are software components that communicate using pervasive, standards-based
Web technologies including HTTP and XML-based messaging.
Web services are powered by XML and three other core technologies: WSDL, SOAP, and
UDDI.

XML (eXtensible Markup Language)

XML is a W3C (World Wide Web Consortium) specification that defines a meta-language
for describing data.
Because XML syntax consists of text-based mark-up that describes the data being tagged, it
is both application-independent and human readable.

WSDL (Web Services Description Language)

A WSDL file is an XML document that describes a Web service using six main elements:
1. Port type groups and describes the operations performed by the service through
the defined interface.
2. Port specifies an address for a binding, i.e., defines a communication port.
3. Message describes the names and format of the messages supported by the
service.
4. Types defines the data types (as defined in an XML Schema) used by the service
for sending messages between the client and server.
5. Binding defines the communication protocols supported by the operations
provided by the service.
6. Service specifies the address (URL) for accessing the service.

SOAP (Simple Object Access Protocol)

SOAP messages are XML documents that contain some or all of the following elements:
1. Envelope specifies that the XML document is a SOAP message; encloses the message
itself.
2. Header (optional) contains information relevant to the message, e.g., the date the
message was sent, authentication data, etc.
14

3. Body includes the message payload.

4. Fault (optional) carries information about a client or server error within a SOAP
message.

UDDI (Universal Description Discovery and Integration

UDDI is a standard sponsored by OASIS (Organization for the Advancement of
Structured Information Standards).
UDDI is a specification for creating an XML-based registry that lists information
about businesses and the Web services they offer.
UDDI often describes services using WSDL and communicates via SOAP
messaging.

Goals of web service

Enable universal interoperability.
Widespread adoption, ubiquity: fast!
Enable (Internet scale) dynamic binding.
Support a service oriented architecture (SOA).

Benefits of web service

Application and data integration
Versatility
Code re-use
Cost savings

Plug-in Module
A plug-in (or plugin) is a software component that adds a specific feature to an existing
software application.
When an application supports plug-ins, it enables customization.
The common examples are the plug-ins used in web browsers to add new features such as
search-engines, virus scanners, or the ability to utilize a new file type such as a new video
format. Well-known browser plug-ins include the Adobe Flash Player, the QuickTime Player,
and the Java plug-in, which can launch a user-activated Java applet on a web page to its
execution a local Java virtual machine.
Add-on (or addon) in computing is the general term comprising snap-ins, plug-ins,
extensions, and themes for software applications.

Mechanism

15

 As shown in the figure, the host application provides services which the plug-in can use,
including a way for plug-ins to register themselves with the host application and a protocol
for the exchange of data with plug-ins.
Plug-ins depend on the services provided by the host application and do not usually work by
themselves.
Conversely, the host application operates independently of the plug-ins, making it possible
for end-users to add and update plug-ins dynamically without needing to make changes to the
host application.
Open application programming interfaces (APIs) provide a standard interface, allowing
third parties to create plug-ins that interact with the host application.
A stable API allows third-party plug-ins to continue to function as the original version
changes and to extend the life-cycle of obsolete applications.
The Adobe Photoshop and After Effects plug-in APIs have become a standard and
competing applications such as Corel Paint Shop Pro have adopted them.

Applications support plug-ins

to enable third-party developers to create abilities which extend an application
to support easily adding new features
to reduce the size of an application
to separate source code from an application because of incompatible software licenses.

Specific examples of applications

Email clients use plug-ins to decrypt and encrypt email (Pretty Good Privacy).
Graphics software use plug-ins to support file formats and process images (Adobe
Photoshop, GIMP).
Media players use plug-ins to support file formats and apply filters (foobar2000, GStreamer,
Quintessential, VST, Winamp, XMMS).
Microsoft Office uses plug-ins (better known as add-ins) to extend the abilities of its
application by adding custom commands and specialized features.
Packet sniffers use plug-ins to decode packet formats (OmniPeek).
Remote sensing applications use plug-ins to process data from different sensor types
(Opticks).
Smart, an audio spectrum analysis application which accepts plug-ins for third-party digital
signal processors.
Software development environments use plug-ins to support programming languages
(Eclipse, jEdit, MonoDevelop).
Web browsers use plug-ins (often implementing the NPAPI specification) to play video and
presentation formats (Flash, QuickTime, Microsoft Silverlight, 3DMLW).

Standard Generalized Markup Language ( SGML )

Standard Generalized Markup Language, a system for organizing and tagging elements of a
document.
SGML was developed and standardized by the International Organization for Standards
(ISO) in 1986.
SGML itself does not specify any particular formatting; rather, it specifies the rules for
tagging elements. These tags can then be interpreted to format elements in different ways.
SGML is used widely to manage large documents that are subject to frequent revisions and
need to be printed in different formats. Because it is a large and complex system, it is not yet
widely used on personal computers.
However, the growth of Internet, and especially the World Wide Web, is creating renewed
interest in SGML because the World Wide Web uses HTML, which is one way of defining
and interpreting tags according to SGML rules.
HTML is just one of the SGML or XML applications, the one most frequently used in the
Web.
SGML is a system for defining markup languages. Authors mark up their documents by
representing structural, presentational, and semantic information alongside content.
Each markup language defined in SGML is called an SGML application. An SGML
application is generally characterized by:
16

1. An SGML declaration. The SGML declaration specifies which characters and

delimiters
may appear in the application.
2. A document type definition (DTD). The DTD defines the syntax of markup
constructs. The DTD may include additional definitions such as character entity references.
3. A specification that describes the semantics to be ascribed to the markup. This
specification also imposes syntax restrictions that cannot be expressed within the DTD.
4. Document instances containing data (content) and markup. Each instance contains
a reference to the DTD to be used to interpret it.

What's Special about SGML?

There are three characteristics of SGML which distinguish it from other markup languages:
its emphasis on descriptive rather than procedural markup; its document type concept; and its
independence of any one system for representing the script in which a text is written.
> Descriptive Markup
A descriptive markup system uses markup codes which simply provide names to categorize
parts of a document.
In SGML, the instructions needed to process a document for some particular purpose (for
example, to format it) are sharply distinguished from the descriptive markup which occurs
within the document.
Usually, they are collected outside the document in separate procedures or programs.
With descriptive instead of procedural markup the same document can readily be processed
by many different pieces of software, each of which can apply different processing
instructions to those parts of it which are considered relevant.
For example, a content analysis program might disregard entirely the footnotes embedded in
an annotated text, while a formatting program might extract and collect them all together for
printing at the end of each chapter.
Different sorts of processing instructions can be associated with the same parts of the file.
For example, one program might extract names of persons and places from a document to
create an index or database, while another, operating on the same text, might print names of
persons and places in a distinctive typeface.
> Types of Document
SGML introduces the notion of a document type, and hence a document type definition
(DTD).
Documents are regarded as having types, just as other objects processed by computers do.
The type of a document is formally defined by its constituent parts and their structure.
The definition of a report, for example, might be that it consisted of a title and possibly an
author, followed by an abstract and a sequence of one or more paragraphs.
Anything lacking a title, according to this formal definition, would not formally be a report,
and neither would a sequence of paragraphs followed by an abstract, whatever other reportlike characteristics these might have for the human reader.
If documents are of known types, a special purpose program (called a parser) can be used to
process a document claiming to be of a particular type and check that all the elements
required for that document type are indeed present and correctly ordered.
More significantly, different documents of the same type can be processed in a uniform way.
Programs can be written which take advantage of the knowledge encapsulated in the
document structure information, and which can thus behave in a more intelligent fashion.
> Data Independence
A basic design goal of SGML was to ensure that documents encoded according to its provisions
should be transportable from one hardware and software environment to another without loss of
information.
The two features discussed so far both address this requirement at an abstract level; the third
feature addresses it at the level of the strings of bytes (characters) of which documents are
composed.
SGML provides a general purpose mechanism for string substitution, that is, a simple machineindependent way of stating that a particular string of characters in the document should be
replaced by some other string when the document is processed.
17

One obvious application for this mechanism is to ensure consistency of nomenclature; another,
more significant one, is to counter the notorious inability of different computer systems to
understand each others character sets, or of any one system to provide all the graphic characters
needed for a particular application, by providing descriptive mappings for non-portable
characters.
The strings defined by this string-substitution mechanism are called entities.

Virtual Reality Markup Language (VRML)

What is VRML?
VRML was conceived in the spring of 1994 at the first annual World Wide Web
Conference in Geneva, Switzerland at which discussion was held about web-based
virtual reality systems.
VRML is an acronym for the Virtual Reality Modelling Language. Technically
speaking, VRML is neither virtual reality nor a modelling language.
Virtual reality typically implies an immersive 3D experience (such as a head-mounted
display) and 3D input devices (such as digital gloves). VRML neither requires nor precludes
immersion.
Furthermore, a true modelling language would contain much richer geometric modelling
primitives and mechanisms.
VRML provides a bare minimum of geometric modelling features and contains numerous
features far beyond the scope of a modelling language.
Attendees agreed on the need for these systems to have a common language for specifying
3D scene description and WWW hyperlinks a kind of HTML for virtual reality.
The term Virtual Reality Markup Language (VRML) was coined, and the group began
specification work after the conference.
The word 'Markup' was later changed to 'Modeling' to reflect the graphical nature of VRML.
So what VRML really is?
At its core, VRML is simply a 3D interchange format. It defines most of the commonly used
semantics found in today's 3D applications such as hierarchical transformations, light
sources, viewpoints, geometry, animation, fog, material properties, and texture mapping.
One of the primary goals in designing VRML was to ensure that it at least succeeded
as an effective 3D file interchange format.
VRML is a 3D analog to HTML means that VRML serves as a simple, multiplatform
language for publishing 3D Web pages.
This is motivated by the fact that some information is best experienced three dimensionally,
such as games, engineering and scientific visualizations, educational experiences, and
architecture.
Typically these types of projects require intensive interaction, animation, and user
participation and exploration beyond what is capable with a page-, text-, or imagebased
format (i.e., HTML).
VRML provides the technology that integrates three dimensions, two dimensions, text, and
multimedia into a coherent model.
When these media types are combined with scripting languages and Internet capabilities, an
entirely new interactive applications development are possible.
A 3D metaphor presents a natural user experience that supports classic twodimensional
(2D) desktop models as well as extends into broader contexts of space and place.
Many have speculated that the 3D world model will supersede and thus replace the popular
2D desktop model as the primary user interface paradigm in the next decade.
Of course, there are a variety of challenges that need to be overcome before this is possible,
such as 3D user interface and navigation, user training, and ubiquitous 3D graphics
performance.
VRML is the foundation for cyberspace and the on-line virtual communities that were
painted and popularized by science fiction writers.
Critics have accurately pointed out that VRML does not yet define the networking and
database protocols necessary for true multi-user simulations.
However, the strategy behind VRML has been
18

 evolve the standard one step at a time

keep it simple
standardize only on problems that are completely understood and reasonably solved
encourage experimentation and extensions on the frontiers
don't reinvent technologies that can be solved outside of VRML (e.g.,HTTP)

There are already several working, multi-user systems implemented on top of VRML
proof that the incremental approach is working.
VRML is not a programming library for application developers. Since VRML is based on
the Open Inventor file format, many people assume that it also provides the rich
programming interfaces and tools included in the Open Inventor toolkit.
In actuality, VRML is an extended subset of Open Inventor's file format and does not define
an application programme interface (API).
The fact that VRML includes scripting language integration tends to promote this
misconception. Scripting language capabilities are predominantly intended for authors who
need more power or integration.
After much discussion it was decided to base the language on the Open Inventor
ASCII File Format from Silicon Graphics, Inc.
The Inventor File Format supports complete descriptions of 3D scenes with polytonally
rendered objects, lighting, materials, ambient properties and realism effects.
A subset of the Inventor File Format, with extensions to support networking, forms the basis
of VRML.
VRML is designed to meet the following requirements:
Platform independence
Extensibility
Ability to work well over low-bandwidth connections
As with HTML, the above are absolute requirements for a network language standard.
The initial version was VRML 1.0. Subsequent developments have led to VRML 2.0 and
most recently VRML97.
All that is needed is an ordinary editor such as Notepad to edit the code and a renderer to
draw the scene from the instructions contained in the file. For a web-bases environment this
means the browser used to interpret the file must have a plug-in to draw the scene and
interpret the manipulation of the graphics.
The browser plug-in being used is Cosmo Player. You can download this free onto any
machine.
To display the model in a browser window simply run the .wrl file using explorer or
Netscape
Language Basics
General Syntax
For easy identification of VRML files, every VRML file must begin with the characters:
#VRML V1.0 ascii (or #VRML V2.0 utf8 )
Any characters after these on the same line are ignored.
The line is terminated by either the ASCII newline or carriage-return characters.
The '#' character begins a comment; all characters until the next newline or carriage return
are ignored. The only exception to this is within string fields, where the '#' character will be
part of the string.
Blanks, tabs, newlines and carriage returns are whitespace characters wherever they appear
outside of string fields. One or more whitespace characters separates the syntactical entities in
VRML files, where necessary.
After the required header, a VRML file contains exactly one VRML node. That node may
of course be a group node, containing any number of other nodes.
Coordinate System
VRML uses a cartesian, right-handed, 3-dimensional coordinate system. By default,
objects are projected onto a 2-dimensional device by projecting them in the direction
of the positive Z axis, with the positive X axis to the right and the positive Y axis up.
A camera or modeling transformation may be used to alter this default projection.
The standard unit for lengths and distances specified is meters. The standard unit for
19

angles is radians.
An example program

#VRML V1.0 ascii

# This file defines a simple red sphere
Separator
{
Material { diffuseColor 1 0 0 } # the color red
Sphere { }
}

What is XML?
The Extensible Markup Language (XML) is a flexible, nonproprietary set of standards for
annotating or tagging information so that it can be transmitted over a network and readily
interpreted by disparate computer systems.
XML is not really a language in itself, but a specification for creating markup languages.
Some industries and organizations have formed their own XML tag vocabularies to facilitate
data exchange.
By creating XML tags for their specific needs, application developers have been able to
create XML applications that are specific to their industry. This is why it is called extensible.
The term XML is also used to refer to the family of technologies that perform special
functions on XML files.
Like HTML, XML is a markup language. XML text files are comprised of data mixed in
with opening and closing tags. These tags markup the text they surround.
In HTML, there are a finite number of tags to use and the tags control the display of text.
Web browsers interpret the tags and render a page accordingly.
In an XML file, the tags usually provide a semantic description of what is inside.
In other words, XML provides a facility to define tags and the structural relationships
between them. The tag structure is strict and hierarchical, but the application developer can
use as many tags as needed for their application (see Example 4).
XML files that are used for a specific application must be well formed and valid.
Well Formed XML
If XML files meet the following criteria, they are considered well formed:
There is only one root element,
XML tags can be nested but must not overlap,
Every starting tag must have a corresponding closing tag; and,
Element names must obey XML naming conventions.
Example 1:
<b> John Doe </b>
In a web browser, this would show
bold text
<b> start tag
</b> end tag.
<b> John Doe </b> element
Example 2: A well-formed XML file:
<NAME>
<FIRST>John</FIRST>
<MIDDLE>Robert</MIDDLE>
<LAST>Doe</LAST>
</NAME>
The hierarchy is unambiguous,
<NAME></NAME> tag pair comprise the root element,
<FIRST>, <MIDDLE> and <LAST> are nested and subordinate to
<NAME>; and,
All the tags have a corresponding end tag.
20

Example 3: A badly formed XML file:

<NAME>
<FIRST>John
<MIDDLE> </FIRST> Robert</MIDDLE> Error, not properly nested
<LAST>Doe</LAST>
</NAME>
The <FIRST> is outside of <MIDDLE> </MIDDLE> tag pair while the </FIRST> is
inside the tag pair.
Valid XML
Although the XML technical standard is well defined, the ability for application developers
to create their own tags can lead to confusion if there is no agreement on what business
standard to follow.
There are two ways to provide a formal description of what tags are allowed and how the
hierarchy can be implemented:
1. Document Type Definition (DTD)
2. XML Schema
These techniques define the rules that set out how a document should be structured, what
elements should be included, what kind of data may be included and what default values to
use.
XML Schemas have the additional ability to specify data types.
If an XML document references either a DTD or an XML Schema, it can be validated for
structure, what elements should be included, what kind of data may be included and what
default values to use.
When XML is used in organizations and industries, DTDs or XML Schemas are defined
and made available to the participating parties.
XML Stylesheet
The Extensible Stylesheet Language (XSL) is a language for expressing stylesheets.
Given a class of arbitrarily structured XML documents or data files, application developers
use an XSL stylesheet to express their intentions about how that structured content should be
presented.

Figure 1: Re-purposing XML content for different devices using XSL

Introduction to XHTML
What is XHTML?
21

 XHTML is an extension of HTML designed to work with XML user agents. The current
version is XHTML1.1.
HTML is a standard language for publishing on the World Wide Web.
HTML is an application of SGML (Standard Generalized Markup Language).
SGML is the de facto standard for describing markup languages particularly those used in
electronic format but not necessarily for the internet. HTML specifies only a small set of
structural and semantic tags.
HTML has support for hypertext and multimedia.
Differences between XHTML with HTML
Documents must be well formed.
All elements must be properly nested, inner tags are closed before outer tags.
Elements and attribute names must be in lower case.
For non-empty elements, end tags are required.
Attribute values must always be quoted.
Empty elements must either have an end tag or the start tag must end with />.
Document Type Definition (DTD) is a collection of XML markup definitions that defines
the legal structure of the language.
There are three variations of the DTDs for XHTML - strict, transitional, and frameset. An
XHTML document must conform to one of them and the declaration should be the first line
of code.
<! DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<! DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<! DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
<! DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

The root element of an XHTML document must be html and the XHTML namespace has to
be declared:
<html xmlns="http://www.w3.org/1999/xhtml">
Paragraphs
Use <p></p> tag to delineate paragraphs. The <pre></pre> tag tells browsers that the
enclosed text is preformatted.
Browsers may then leave white space, render text in monospace font, and disable automatic
word wrap.
Headers

<h1>Level 1 Header </h1>

<h2>Level 2 Header</h2>
<h3>Level 3 Header </h3>
<h4>Level 4 Header </h4>
<h5>Level 5 Header </h5>
<h6>Level 6 Header </h6>

Links
Links can take the viewer to a resource on the same computer or on a different computer.
The syntax for the link is:
<a href = "path/to/file"> ... </a>
The path could be an absolute path (http://www.google.com) or a relative path
(/events/default.asp).
22

 An internal link would take the viewer to a different part of the same document. For
example this internal link will take me to the section on forms. (#forms) Note the use of
tags.
Instead of a path you can insert an email address elota.patton@mail.utexas.edu
(mailto:elota.patton@mail.utexas.edu). This will bring up an e-mail form for the user.
Images
Use the <img />element to include graphics. The height and width attributes are given in
pixels. It is good practice to only set the width and not the height. The alt, which is
displayed the case the image is not or when you hover over the image, is required. (<img
src="./NGC1300.jpg" width="300" alt="Image of galaxy" />)

Line Breaks
Line breaks are introduced with < br />.
Horizontal Line
Now we will introduce a horizontal line with the <hr /> element.
Special Characters
Here is a list of special characters in XHTML. You can write these characters in two ways either using the English
mnemonic or the hexadecimal code. For example the ampersand symbol can be written as:
&amp; or &#38; Others
include &nbsp; (non-breaking space), &copy; (), &lt; (<), and &gt; (>).
Lists - Unordered, Ordered, and Definition
Unordered list:
red
blue
yellow
green
o light green
o dark green
<ul>
<li> red </li>
<li> blue </li>
<li> yellow </li>
<li> green
<ul>
<li>light green</li>
<li>dark green</li>
</ul>
</li>
</ul>
Ordered list:
1. One
2. Two
3. Three
23

<ol>
<li> One </li>
<li> Two </li>
<li> Three </li>
</ol>
Definition list:
<dl>
<dt> Client </dt>
<dd> A software program that makes a request for a resource using HTTP.</dd>
<dt> Server </dt>
<dd> Machine that hosts the resources and services requests from client programs.</dd>
</dl>
Client : A software program that makes a request for a resource using HTTP.
Server : A machine that hosts the resources and services requests from client programs.
Tables
A table has a border, caption, head, foot, and body. The body is made out of cells spanning
rows and columns.
Distribution of Rhinoceroses
Type
Population
Black Rhino
3610
White Rhino
11100
Indian Rhino
2400
Javan Rhino
60
Sumatran Rhino 300
Total

17470

<table border="1" width="50%">

<caption>Distribution of Rhinoceroses</caption>
<thead>
<tr><th>Type</th><th>Population</th></tr>
</thead>
<tfoot>
<tr><th>Total</th><th>17470</th></tr>
</tfoot>
<tbody>
<tr><td>Black Rhino</td><td>3610</td></tr>
<tr><td>White Rhino</td><td>11100</td></tr>
<tr><td>Indian Rhino</td><td>2400</td></tr>
<tr><td>Javan Rhino</td><td>60</td></tr>
<tr><td>Sumatran Rhino</td><td>300</td></tr>
</tbody>
</table>
Here is an example of a more complex table
Complex Table
1

2
3

<table border = "1" width = "75%">

<caption> Complex Table </caption>
<tbody>
<tr><td rowspan = "2"> 1 </td> <td colspan = "2" align = "left"> 2 </td></tr>
<tr><td align = "right"> 3 </td><td align = "center"> 4 </td></tr>
</tbody>
</table>
24

Forms
A form has the following components:
Buttons like Submit and Reset
Text field and area
Checkboxes
Radio Buttons
Menus - Single or Multiple Selections
A form must specify the method by which the data is transported - GET or POST.
The action attribute, which is the location of the script on the server side that will process the
form data, is required. Borderless nested tables can be used to align and present the form
elements.
Here is an example of a simple survey form.
Name:
Comments:

E-mail Address:
Things you liked:
Site Design Links Ease of Use Images
How did you get to our site?
Search Engine
Link from another site
Reference in a book
Rate our site: Excellent

Other

Enter Clear

<form method = "post" action = "/cgi/echo.asp">

<p><label>Name: <input name = "name" type = "text" size = "30" /></label></p>
<p><label>Comments: <br /><textarea name="comments" rows="4" cols="36"></textarea>
</label></p>
<p><label>E-mail Address:
<input
name="email" type="password" size="30"
/></label></p>
<p><b>Things you liked:</b><br />
<label>Site Design <input name="attraction" type="checkbox" value="Design" /></label>
<label>Links <input name="attraction" type="checkbox" value="Links" /></label>
<label>Ease of Use <input name="attraction" type="checkbox" value="Ease" /></label>
<label>Images <input name="attraction" type="checkbox" value="Images" /></label>
</p>
<p><b>How did you get to our site?</b><br />
<label>Search Engine <input name="connection" type="radio" value="search_engine" />
</label>
<label>Link on other site<input name="connection" type="radio" value="link" /></label>
<label>Reference in book <input name="connection" type="radio" value="book" /></label>
<label>Other <input name="connection" type="radio" value="other" /></label></p>
<p><label> Rate our site:
<select name = "rating" multiple="multiple">
<option selected = "selected"> Excellent </option>
<option> Very Good </option>
<option> Good </option>
<option> Fair </option>
<option> Poor </option>
</select>
</label></p>
<p><input type="submit" value="Enter" /><input type="reset" value="Clear" /></p>
</form>
meta Element
25

The meta element allows search engine to know what is in the web page without having to go
through every line.
This element has two attributes: name and content. The name attribute can have two values
keywords or description.
The meta element is placed in the head section of the page.
<meta name = "keywords" content = "XHTML, Paragraphs, Headers, Lists, Tables, Forms"
/>
<meta name = "description" content = "This page gives a brief introduction to the XHTML
syntax." />
What are Web server interfaces used for? Give an example.
Web interfaces provide a means of exposing data within a database to the Internet and
initiating transactions with it.
Depending on how the interface is configured, it may be another application accessing the
exposed parts of the database or an individual surfing the web via their browser.
The software managing the user interface, be it JAVA, PHP or .NET, will perform data
integrity and manage access to the database.
It is important to remember that applications placed on the Web are stateless, what we see
in the web browser may not necessarily reflect the current state of the data in the database,
but rather what the state of the data was at the time it was accessed.
For instance, weather.com may provide an accurate forecast within a few hours of the page
being loaded, but, the longer we go without refreshing the page, the more removed from that
state of data we become. After a day, even the date displayed on the page is no longer valid if
we do not refresh its state.

Dynamic web page

A dynamic web page is a web page with web content that varies based on parameters
provided by a user or a computer program.
Dynamic web pages are a fundamental part of Web 2.0 which facilitatees information sharing
across multiple websites.
History
It is difficult to be precise about "dynamic web page beginnings" or chronology, because the
precise concept makes sense only after the "widespread development of web pages":
HTTP has been in use since 1990, HTML, as standard, since 1996. The web browsers
explosion started with 1993's Mosaic.
Execusite introduced the first dynamic website solution for the professional marketplace in
June 1997. Execusite was acquired by Website Pros (now Web.com) in January 2000.

Client-side scripting
Client-side scripting is changing interface behaviors within a specific web page in response
to mouse or keyboard actions, or at specified timing events. In this case, the dynamic
behavior occurs within the presentation.
The Client-side content is generated on the user's local computer system.
Such web pages use presentation technology called rich interfaced pages. Client-side
scripting languages like JavaScript or ActionScript, used for Dynamic HTML (DHTML) and
26

Flash technologies respectively, are frequently used to orchestrate media types (sound,
animations, changing text, etc.) of the presentation.
The scripting also allows use of remote scripting, a technique by which the DHTML page
requests additional information from a server, using a hidden Frame[disambiguation needed],
XMLHttpRequests, or a Web service.
The first "widespread used" version of JavaScript was in 1996 (with Netscape 3 an
ECMAScript standard).
Server-side scripting
A program running on a web server (server-side scripting) is used to change the web content
on various web pages, or to adjust the sequence of or reload of the web pages. Server
responses may be determined by such conditions as data in a posted HTML form, parameters
in the URL, the type of browser being used, the passage of time, or a database or server state.
Such web pages are often created with the help of server-side languages such as ASP,
ColdFusion, Perl, PHP, Ruby, WebDNA and other languages. These server-side languages
often use the Common Gateway Interface (CGI) to produce dynamic web pages. Three
notable exceptions are ASP.NET, JSP, and LSP, which reuse CGI concepts in their APIs but
actually dispatch all web requests into a shared virtual machine.
Dynamic web pages are often cached when there are few or no changes expected and the
page is anticipated to receive considerable amount of web traffic that would create slow load
times for the server if it had to generate the pages on the fly for each request.
Combination
Ajax is a web development technique for dynamically interchanging content which sends a
request to the server for data. The server returns the requested data which is then formatted
by a client side script.
This technique reduces server load time because the client does not request the entire
webpage to be regenerated by the server's language parser; only the content that will change
is transmitted.
Google Maps is an example of a web application that uses Ajax techniques.
A Web client program (such as a web browser) can access data from many different servers,
such as Gopher, FTP, NNTP (Usenet) or HTTP. The HTTP server was designed specifically
for the Web, and employs a protocol (system of messages) that supports sending documents
from the server to a browser, and that also support sending complex data from the client back
to the server.
There are several HTTP methods for doing this (in HTTP, methods is a technical term for
the way in which data are sent between a client browser and server).

Scripting language
A scripting language or script language is a programming language that supports the writing
of scripts, programs written for a software environment that automate the execution of tasks
which could alternatively be executed one-by-one by a human operator. Environments that
can be
automated through scripting include software applications, web pages within a web browser,
the shellsof operating systems, and several general
purpose and domain-specific languages such as those for embedded systems.
Scripts can be written and executed "on-the-fly", without explicit compile and link steps;
they are typically created or modified by the person executing them.
A scripting language is usuallyinterpreted from source code or bytecode. By contrast, the
software environment the scripts are written for is typically written in a compiled language
and distributed in machine code form; the user may not have access to its source code, let
alone be able to modify it.
The spectrum of scripting languages ranges from very small and highly domain-specific
languages to general-purpose programming languages.
The term script is typically reserved for small programs (up to a few thousand lines of code).
27

Types of scripting languages

Job control languages and shells
A major class of scripting languages has grown out of the automation of job control, which
relates to starting and controlling the behavior of system programs. (In this sense, one might
think of shells as being descendants of IBM's JCL, or Job Control Language, which was used
for exactly this purpose.)
Many of these languages' interpreters double as command-line interpreters such as the Unix
shell or the MS-DOS COMMAND.COM.
Others, such as AppleScript offer the use of English-like commands to build scripts.
GUI scripting
With the advent of graphical user interfaces, a specialized kind of scripting language
emerged for controlling a computer.
These languages interact with the same graphic windows, menus, buttons, and so on that a
human user would. They do this by simulating the actions of a user.
These languages are typically used to automate user actions. Such languages are also called
"macros" when control is through simulated key presses or mouse clicks.
These languages could in principle be used to control any GUI application; but, in practice
their use is limited because their use needs support from the application and from the
operating system.
There are a few exceptions to this limitation. Some GUI scripting languages are based on
recognizing graphical objects from their display screen pixels. These GUI scripting languages
do not depend on support from the operating system or application.
Application-specific languages
Many large application programs include an idiomatic scripting language tailored to the
needs of the application user.
Likewise, many computer game systems use a custom scripting language to express the
programmed actions of non-player characters and the game environment.
Languages of this sort are designed for a single application; and, while they may
superficially resemble a specific general-purpose language (e.g. QuakeC, modeled after C),
they have custom features that distinguish them. Emacs Lisp, while a fully formed and
capable dialect of Lisp, contains many special features that make it most useful for extending
the editing functions of Emacs.
An application-specific scripting language can be viewed as a domain-specific
programming languagespecialized to a single application.
Text processing languages
The processing of text-based records is one of the oldest uses of scripting languages. Scripts
written for the Unix tools AWK, sed, and grep automate
tasks that involve text files, for example, configuration and log files. Perl was originally
designed to overcome limitations of these tools and has grown
to be one of the most widespread general purpose languages.
General-purpose dynamic languages
Some languages, such as Perl, began as scripting languages[8] but were developed into
programming languages suitable for broader purposes.
Other similar languages frequently interpreted, memory-managed, or dynamic have
been described as "scripting languages" for these similarities, even if they are more
commonly used for applications programming.
They are usually notcalled "scripting languages" by their own users.
Extension/embeddable languages
A number of languages have been designed for the purpose of replacing application-specific
scripting languages by being embeddable in application programs.
The application programmer (working in C or another systems language) includes "hooks"
where the scripting language can control the application.
These languages may be technically equivalent to an application-specific extension
language but when an application embeds a "common" language, the user gets the advantage
of being able to transfer skills from application to application.
28

 JavaScript began as and primarily still is a language for scripting inside web browsers;
however, the standardization of the language as ECMAScript has made it popular as a
general purpose embeddable language.
In particular, the Mozilla implementation SpiderMonkey is embedded in several
environments such as the Yahoo! Widget Engine.
Other applications embedding ECMAScript implementations include the Adobe products
Adobe Flash (ActionScript) and Adobe Acrobat (for scripting PDF files).
Tcl was created as an extension language but has come to be used more frequently as a
general purpose language in roles similar to Python, Perl,
and Ruby.
On the other hand, Rexx was originally created as a job control language, but is widely used
as an extension language as well as a general purpose language.
Other complex and task-oriented applications may incorporate and expose an embedded
programming language to allow their users more control and give them more functionality
than can be available through a user interface, no matter how sophisticated.
For example, Autodesk Maya 3D authoring tools embed the MEL scripting language, or
Blender which has Python to fill this role.
Some other types of applications that need faster feature addition or tweak-and-run cycles
(e.g. game engines) also use an embedded language.
During the development, this allows them to prototype features faster and tweak more
freely, without the need for the user to have intimate knowledge
of the inner workings of the application or to rebuild it after each tweak (which can take a
significant amount of time.)
The scripting languages used for this purpose range from the more common and more
famous Lua and Python to lesser-known ones such as AngelScript and Squirrel.
Ch is another C compatible scripting option for the industry to embed into C/C++
application programs.
Market analysis
According to a global survey performed by Evans Data in 2008,[9] the most widespread
scripting language is JavaScript.
The second most widespread is PHP.
Perl is the third most widespread scripting language, but in North America it enjoys
significantly more popularity.
Example(Java Script)
<html>
<body>
<p>Click the button to demonstrate the prompt box.</p>
<button onclick="myFunction()">Try it</button>
<p id="demo"></p>
<script>
function myFunction()
{
var x;
var name=prompt("Please enter your name","Harry Potter");
if (name!=null)
{
x="Hello " + name + "! How are you today?";
document.getElementById("demo").innerHTML=x;
}
}
</script>
</body>
</html>

29