Академический Документы
Профессиональный Документы
Культура Документы
TCP port 80
RFC 1945
HTML allows
Text formatting commands
Embedded objects
Links to other objects
RFC 3305
URL
Uniform Resource Locator
protocol (http, ftp, news)
host name (name.domain name)
port (80, 8080, )
directory path to the resource
resource name
absolute
relative
http://www.tti.unipa.it/~pg/pg/Teaching.html
http://xxx.myplace.com:80/cgi-bin/t.exe
http://example.org/absolute/URI/with/absolute/
path/to/resource.txt
ftp://example.org/resource.txt
urn:issn:1535-3613
/relative/URI/with/absolute/path/to/resource.txt
relative/path/to/resource.txt
../../../resource.txt
./resource.txt#frag01
request-response
HTTP request messages for HTML pages, images,
scripts and styles sheets.
Web servers handle these requests by returning response
messages that contain the requested resource.
Client Server
GET w
ww.cs
.virgin
ia.edu
Retrieve Data
From Disk
Client Server
GET w
ww.cs
.virgin
ia.edu
Retrieve Data
From Disk
GET i
mage.
gif
Retrieve Image
From Disk
Header Fields:
From
Accept
Accept-Encoding
Accept Language
Additional Headers
Request Pipelining
close()
Ing. Pierluigi Gallo
Server Side Close()
Timeout!
Ing. Pierluigi Gallo
close()
CGI Scripts
fork()
CGI
Server Script
Send page
Request Response
HTTP/1.0 sp code
Codes:
1xx - reserved for future use
2xx - successful, understood and accepted
3xx - further action needed to complete
4xx - bad syntax in client request
5xx - server cant fulfill good request
Status Header
Entities
Content-Encoding:
Content-Length:
Content-Type:
Expires:
Last-Modified:
extension-header
Sessions
Special header tags interpreted by the server
Used by ASP, PHP, JSP
Implemented at the language api level
Methods
Signature
Encryption
Message sender
Authenticity
KPCS-7
RSA
Diffie-
Hellman Encrypt Method
KPCS-7
Client Encrypt Methods List
KPCS-7
RSA
Diffie-
Hellman
RFC 2315.
Used to sign and/or encrypt messages under a PKI. Used also
for certificate dissemination (for instance as a response to a
PKCS#10 message).
Formed the basis for S/MIME, which is as of 2010 based on RFC
5652, an updated Cryptographic Message Syntax Standard
(CMS). Often used for single sign-on.
PKCS
Ing. Pierluigi Gallo
Cryptographic Algorithm and digital
signature modes for S-HTTP
Digital signature
Message authentication
Message encryption
The proxy sits between the client and the server. In the simplest case,
instead of sending requests directly to the server the client sends all its
requests to the proxy. The proxy then opens a connection to the server,
and passes on the client's request. The proxy receives the reply from the
server, and then sends that reply back to the client
the proxy is acting like
HTTP client (to the remote server)
HTTP server (to the initial client)
Ing. Pierluigi Gallo
how the proxy works
performance improvement
All requests coming from clients using the same proxy appear to
come from the IP address and User-Agent of the proxy itself
(Cache)
Fire
wall
Peak Level
Bandwidth
0 Day 1
Ing. Pierluigi Gallo Day 2
Caching, proxing, filtering
Content Filtering
Dansguardian, squidguard,
http proxy
squid, tinyproxy, Apache Traffic Server,
firewall
iptables, firehol,
/usr/local/etc/dansguardian.conf
/usr/local/etc/dansguardian/lists/bannedsitelist
/usr/local/etc/tinyproxy.con