Internet / Intranet CIS-536 Class 10
Internet / Intranet
CIS-536
Class 10
2
Class 10 Agenda
Milestone#4 - DiscussionPresentationsCookiesMisc. TopicsWireless Devices: WAP / WMLWrap-Up
3
Cookies Revisited
Cookies Are Name Value Pairs Passed in the HTTP HeaderCookies Have Associated Expiration
Session (Default)Date / Time
Associated With a URL Path, Not a Page!Allows Passing Parameters Between Web Pages
Thus Cookies are Used to Provide State Information to a Stateless Protocol
4
Cookie Jar
Cookie Storage Internet Explorer c:\windows\cookies Each Has its Own FileNetscape Navigator cookies.txt (all kept in the file)
Limits20 Cookies4K Per Name/Value Pair
5
More Cookies Cookies are Traditionally Set By Server
Set-CookieBrowser is Responsible For Maintaining Them
Stored On Client’s ComputerPassed to Server When Web Site is Revisited
HTTP-CookieCookie Attributes
Name – The Name of the CookieSubsequent References to Same Name Overwrites Cookie Attributes
Value – The Value of the Cookie Identified by NameExpiration – When the Cookie Expires
No Date Specified – Cookie Expires at End of SessionPast Date/Time – Delete the CookieFuture Date/Time – Delete the Cookie After This Date
Example
6
Cookie Bits
Example CookieSet-Cookie: tollhouse=favorite;expires=Thursday, 16-Mar-2000 00:00:00 GMT;path=“”
Note That Date Must Follow This Format:Weekday, DD-MMM-YYYY HH:MM:SS GMT
RFCs specify GMT as the mechanism for handling time problems on the InternetHTTP-Cookie Only Sends Name/Value Pair
7
Cookies - JavaScript
Cookies Can be Set in JavaScriptdocument.cookie = “ “Use Date.toGMTString() to set expiration dateE.g.
document.cookie = “version=1.0; ” + “expires=“ + edate.toGMTString();
To Read a Cookie Value in JavaScriptvar allcookies= document.cookie;var pos = allcookies.indexOf(“version=“);if (pos != -1) {
var start = pos +8; var end = allcookies.indexOf(“;”,start);if (end == -1) end = allcookies.length;var value = allcookies.substring(start,end);vervalue = unescape(value);
}
8
Cookie Structure
Path InformationDefault is to Send Cookie to Any URL in the Same Directory or any Subdirectory of the Page Which Set CookiePath Attribute Can Request That Cookie Be Sent to All URLs in Path (and its Subdirectories)
Only Paths That are a Prefix of Current URL are AllowedIf Cookies Overlap, All are Sent.
Ordered by Most Specific to Least Specific MatchDomain Attribute – Allows Cookies to Be Shared Across Sites
Must Be Part of Same DomainE.g. boston.brandeis.edu and lab.brandeis.edu are part of the same domain but may be different servers
Secure – Only Sends Cookie If Secure Protocol is Used (e.g. SSL)
9
Security Issues
Protections:Cookie Can Only Store Information Already Known to Server
Can’t Access Hard Disk, etc.
Data Only – Not Executed by Client MachineData Can’t Be Shared Across Sites
Concerns:Of Course This Assumes That Browser Follows the RulesBrowser Can Store Sensitive Information
E.g. If Server Doesn’t Set Secure Tag, a Credit Card # May Be Passed in Clear to Another Page in Same Path
“Invisible” to UsersPaths Are Not Always Obvious
E.g. Multiple Sites Receive Graphics From DoubleClick Server
DoubleClick Can Now Gather “Cross-Site” Information
Zealous privacy folks advocate turning off cookies
10
Performance Tuning / Testing
Performance ImprovementsServer Scripting, etc. Degrades Server Performance
Minimize Reliance on Server Scripting“Compile” Frequently Used Documents
Increase CPU, Disk, Caching, Internet PipeMultiple Servers (Basic)
Distribute Pages Across Servers
Multiple Servers (Advanced)Route Requests to Multiple ServersRound Robin DNS
DNS Server Returns a Different IP Address Each Time
11
Web Robots
Spiders, Crawlers, and Bots, Oh My!Programmatically Visit and “Analyze” Web Sites
Gather Information From The SiteTypically as Data For Search EnginesValidate Links For Currency
Follow Links
Robot Protocol (Voluntary)robots.txt – In top-level Directory of a Site
User-Agent: Names of Robots or *Disallow: Parts of Hierarchy to Disallow or /
<META Name=“Robots” Content=“NoIndex, NoFollow”>
Or Index, Follow – Tells Robot Whether or Not to Index Site, Follow Links
User-Agent Typically Identifies RobotAccesses to robot.txt
12
Building Web Robots
Issues When Building a RobotFollow Web Exclusion RulesParsing
Ability to Parse HTML For Target Info. Identify Links.
IterationSearch Strategies:
Breadth FirstDepth First
Avoid Endless LoopsDon’t Revisit Links Already Visited
Don’t Follow Outside Links?
TerminationDepth, Sites Visited, Time, High Proportion of Duplicate Links
Tools For Bulding RobotsJavaScriptVB 6 – Internet Transfer Control and Web Browser ControlOthers
13
Trends toward smaller devices
Moore’s lawHistory of Computers
trend toward smaller devicestrend toward cheaper devices
processors in more and more devicesTCP/IP can expand well beyond PCs5 year time frame ( Gartner Group )
a billion mobile phones ( US lags behind Europe and Asia )over half of Internet access through non-PCsM-Commerce replaces E-Commerce
14
Wireless Internet
HDML - 1995Handheld Device Markup Languagesubset of HTML
I-mode - Japanuses a tag language based on HTMLcHTML7 million users
WAP/ WMLcurrently at 1.3 ( 1.1 widely supported )protocol extends Internet to Phonesspecialized for smaller screens
GPRS general packet radio switching
15
Wireless ‘Non-Internet’
continued investment - limited commercial successBluetooth
develop a wireless standard for all devices
low earth orbit satellites must be in low orbitbig time failures (Iridium, Globalstar) - Teledisic ?? ( Bill Gates and Craig McCaw )
Many premature predictions about wireless1993 was supposed to be the year of wirelessissues of latency, reliability, security, processing power
16
WAP Application Architecture
WAP Gatewaysconnect Wireless Messages with Internet
Leverage the Internet plumbing Wireless requested converted to HTTP
17
WAP Gateways
Implement WAP protocol stack layersaccount for security and sessions
convert WSP -> HTTPEncodes HTTP heads as binary tokens
Domain Name ResolutionHTML to WML conversion
limited success so far
encode WML contentSecurityCache frequently accessed content
18
WAP Gateways
offered by all major vendorsNoikaMotorolaEricsson
Kannel ( Open-Source WAP Gateway )
19
WAP Protocol Stack
derived from the OSI Reference ModelApplication Layer ( WAE )Session Layer ( WSP )Transaction Layer ( WTP )Security Layer ( WTLS )Transport Layer ( WDP )Bearers (SMS, CSD, USSD, CDMA, CDPD .. Others )
20
Phone emulators
Simulate phone usage ( see example )not perfect approximation
used to develop wireless applicationsNoika WAP Toolkit
image support
Phone.Com ( UP.Simulator )EricsonMotorola
VoxML ( precedes VoiceXML )
host of other toolsMicrosoft Mobile Explorer
provide a useful tool for test/debug cyclesstill at the early stages
21
WAP Devices
limited processing powerlimited RAMembedded Browsers
do not behave the samecache requests
emulators simulate ( do not forget to clear )lots of latency
currently 9600 bits per secondversus 56 kilo bits per second wired
Deja-vu for programmersback to 64K barriersmachine code
22
Configuring Servers for Wireless
add MIME types (.htaccess in Apache, IIS Registry)
wml - text/vnd.wap.wmlwlmc - application/vnd.wap.wmlc.wmls - text/vnd.wap.wmlscriptwmlsc - application/vnd.wap.wmlscriptcwbmp - image/vnd.wap.wbmp
Shore.net Apache server supports wmlCall server scripts within documents same as before
support for CGI/PerlCold FusionJSP/ASP
23
WML
designed for small displaysdeck of cards metaphor
replaces <BODY> concept
XMLall docs need an XML declaration and DTDall documents must be well formedText Formating
<p> </p> used for all text<br/> breaks textsupport for styles
Bold <b></b>Italitic <I></I>
24
WML
anchor tags wrap links same as HTML<go> tag indicates action when link is selected# used to select other cards in the deckWML Input<input name =“var” > tagvariables then displayed with ‘$’ delimiter
25
More WML
<prev> tag sends the user back to the previous document<do> associates an action with a given element<do type=“prev” label=“Previous”>
<prev/>
</do>Creates a Previous operation for a softkey<select> element
26
Wireless Scripting
WMLScript - based on ECMAscriptuseful for validation
WML tags support eventstimerscard supports three main events
onenterforwardonenterbackwardonTimer
27
WML GET/POST request
WML supports HTTP Get & PostGET Request
append data as parameter to the URLuse WMLScript
POST Requestspecify as an attribute in the <go> tag<go method=“post” href=“somescript.pl”>
<postfield name=“product” value=“$(product)”/>
</go>
28
WML Images
wireless bitmaps (WBMP)monochromeinitially needed to convert bits in GIF and JPG filestools are emerging
Nokia toolkit supportsplug-ins exist for most major tools ( Photoshop, Paintshop)
watch out for latency !!!Large bitmaps
29
Usability
Terse documentsWML apps need to deliver bullet pointsshort text labelsminimize data entrysites need high personalization
NOT the Internet on a cell-phoneNew applications will be createdStill significant browser differences
tags do not work in a uniform waysignificant differences in screen size
30
WAP Resources
WAP FAQ http://www.wap.comWAP forum http://www.wapforum.orgProfessional WAP ( Wrox Press )
ISDN 1-861004-04-4
31
Presentations
Mirrors Real Life SituationsCoWorkers, Audience Have Different BackgroundsRelevance to Audience Varies
Some With Lots of Experience – Want DetailsManagement vs. Technical PersonnelStrategy:
Give Enough Background to Identify Key IssueMost Will File it Away for Future Reference
Identify Target AudienceGive “Meaty” Info
Be Judicious With TimeCan’t Cover Everything
Provide Reference MaterialThose Who Want to Learn More CanMost Will Want Info at Some Point in Future
32
Career AdviceSoftware Engineering Growth Paths
Require Ability to Bridge Gap Between Management and Technical
Management Concerned With Practical Implications, Not Technical Details
TechnicalKnowledge and Ability to Implement Task
“Political”Different Personalities Have Different Expectations
Valuable SkillsTechnical KnowledgeCustomer RequirementsDevelopment Schedule / Quality / Maintenance / Cost MentorshipCommunication
33
Wrap-Up
Ongoing Resource: [email protected] QuestionsJobs, etc.
Grading
ShoreNet AccountsClass Web SiteEnjoy Your Break!