8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
1/44
Programming forthe web
Lesson 2
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
2/44
Internet
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
3/44
World wide web(WWW)
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
4/44
How does the webwork?
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
5/44
HTTPHyperText Transfer Protocol
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
6/44
Request-response networking protocol thatsits on top of TCP
Forms basis of World Wide Web
Originally created for information sharingCurrent version HTTP 1.1
Default TCP port 80
Client submits request to server, serverresponds with resource
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
7/44
webserver
request
response
useragent
session
resource
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
8/44
Request LineMethod + Resource
Request Headers
Response LineStatus code
Response Headers
Response Body
GET /index.html HTTP/1.1Host: example.com
Referer : saush.com
HTTP/1.1 200 OKDate: Wed, 28 Jan 2009 19:32:18 GMTServer: Apache/2.2.3 (CentOS)Content-Length: 438Connection: closeContent-Type: text/html; charset=UTF-8
Example Web Page..
Response
Request
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
9/44
StatelessEvery subsequent visit via HTTP is same asthe rst visit.
Works with a single TCP connection which isused *only* for content transfer, and noadditional connection is used to maintainsessions.
Cookies, Session IDs are alternative ways of maintaining sessions.
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
10/44
Some important request
headersAccept : text/html (Acceptable mimeformats)
Referer : example.com (Which page lead tothis page)
User-Agent : Firefox/Safari (Type of browser)
Host : yahoo.com (Domain name, reqd for 1.1)
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
11/44
Some important
response headersContent-type : text/html
Content-Encoding : utf8 (Encoding type)Content-Length : Length in bytes
Server : Apache/IIS (Name of the server,like user-agent)
Location : new-site.com (For redirection)
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
12/44
Non persistent connections
(HTTP/1.0)open
connection
get HTML
closeconnection
Others?(CSS,
images, JSetc)
open connection
get image
close connection
open connection
get image
close connection
open connection
get image
close connection
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
13/44
Persistent Connections
(HTTP/1.1)
openconnection get HTML
closeconnection
get CSS,images, JSin same
connection
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
14/44
HTTP Methods
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
15/44
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
16/44
GET
POST
PUT
DELETE
HEAD
TRACE
OPTIONS
CONNECT
PATCH
safe
methods
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
17/44
GET
POST
PUT
DELETE
HEAD
TRACE
OPTIONS
CONNECT
PATCH
idempotentmethods
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
18/44
HTTP Methods are verbs/actionsacting on nouns/resources
GET nice_image
DELETE this_page
POST my_new_email
GET /index.html (the actualstuff)
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
19/44
GETGet any resource
GET method is used when you click a link onany site.Most of the cases when you want to fetch adocument
You can pass variables through GET usingthe query
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
20/44
HTTP resourcesIdentied by Universal Resource Identiers(URI), specically Universal ResourceLocators (URLs)
http :// www.saush.com : 80 /some/index.html ? name=value # here
scheme hostname port path query fragment
Long URLs not advisable, IE doesnt support >2048 characters
Saturday, September 11, 2010
http://www.saush.com/index.html?name=valuehttp://www.saush.com/index.html?name=value8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
21/44
GET is idempotent
Which means, how many ever times you hitthe same resource, it should produce thesame effect.Getting /index.html any number of timesshould (ideally) give the same effect.
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
22/44
POSTModify (append) information in the server
POST Changes the state of the server
POST is used mostly in HTML Forms
POST passes variables through the requestbody
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
23/44
POST /index.html HTTP/1.1Host: example.com
first_name=sausheong&last_name=chang
HTTP/1.1 200 OKDate: Wed, 28 Jan 2009 19:32:18 GMT
Server: Apache/2.2.3 (CentOS)Content-Length: 438Connection: closeContent-Type: text/html; charset=UTF-8
Example Web Page..
POST variables inrequest body
Response
Request
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
24/44
HTML browserssupport only GET and
POST
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
25/44
Other methods
HEAD Just get me the response headers
PUT Create a new resource
DELETE Delete the resource
TRACE Get me back my request headers,
after modications done by intermediateservers.
OPTIONS Gives back what all HTTP
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
26/44
HTTP Status Codes1XX Informational
100 Continue
2XX Success
200 Success
3XX Redirection
301 Moved Permanently
302 Found (temporaryredirect)
304 Not Modied goahead and use cacheddata
4XX Client Error
401 - Unauthorized (needauthenti cation)
404 - Not Found (resource is
not there)5XX Server Error
500 Internal Server Error
http://en.wikipedia.org/wiki/List_of_HTTP_status_codes
Saturday, September 11, 2010
http://en.wikipedia.org/wiki/List_of_HTTP_status_codeshttp://en.wikipedia.org/wiki/List_of_HTTP_status_codeshttp://en.wikipedia.org/wiki/List_of_HTTP_status_codeshttp://en.wikipedia.org/wiki/List_of_HTTP_status_codes8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
27/44
Authentication
Basic Access Authentication
Digest Access Authentication
Form-based Authentication
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
28/44
Basic access
authenticationUsername appended with password, encodedusing Base64
Intent is not to encrypt username/passwordbut to remove non-HTTP compatiblecharacters. Not secure
Available in all browsersAuthentication handled by server
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
29/44
POST /index.html HTTP/1.1Host: example.comAuthorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
HTTP/1.1 200 OKDate: Wed, 28 Jan 2009 19:32:18 GMT
Server: Apache/2.2.3 (CentOS)Content-Length: 438Connection: closeContent-Type: text/html; charset=UTF-8
Example Web Page..
Aladdin:open sesame
Response
Request
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
30/44
Digest access
authenticationApplies MD5 cryptographic hashing to secureusername/password sent over to server
More secured than basic acccessauthentication
Authentication handled by server
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
31/44
Form-based
authenticationMost commonly usedClient sends HTML Form with username/password information encrypted with HTTPS
Authentication handled by web application(not web server)
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
32/44
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
33/44
HTMLCSS
JavascriptDHTML
AJAXFlash
RIA
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
34/44
Common Gateway Interface
Standard (RFC 3875) that denes how a web
server can delegate the generation of webpages to another process
CGI
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
35/44
webserver
persistentstore
CGI process/application
server
HTTPrequest
HTTPresponse
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
36/44
Model-View-ControllerPattern
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
37/44
HTML/CSS/Javascript
Web Application
View
Controller
Model
Persistent Store
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
38/44
Web Application
View
Controller
Model
JSP
Java Servlets
Hibernate/EJB
Java
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
39/44
Web Application
View
Controller
Model
Web Forms
Web Forms/ASPX (VB/CS)
VB/VS
ASP .NET
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
40/44
Web Application
View
Controller
Model
PHP
PHP/None
PHP/None
PHP
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
41/44
Web Application
View
Controller
Model
ActionView
ActionController
ActiveRecord
Ruby on Rails
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
42/44
Web Application
View
Controller
Model
ERB
Sinatra
DataMapper
Ruby (others)
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
43/44
Web servicesAPIs accessed through HTTP
Intention for machines to consume services
REST (Representational State Transfer)Describes access through HTTP methods
XML-RPC/SOAP
Wraps XML data in HTTP response body/envelope
Saturday, September 11, 2010
8/8/2019 Ruby Course - Lesson 2 - Programming for the Web
44/44
Questions?