Programming web-based applications

Similar documents
Programming web-based applications. World Wide Web (WWW) Protocols for the web. A.Lioy - Politecnico di Torino (2009) C-1

Publishing On the Web. Course Content. Objectives of Lecture 7 Dynamic Pages

CS WEB TECHNOLOGY

Web Architecture and Technologies

Distributed systems' architecture

Distributed systems' architecture. Typical application model. Example ( classic app.) A.Lioy - Politecnico di Torino (2009) A-1

Shankersinh Vaghela Bapu Institue of Technology

Outline of Lecture 5. Course Content. Objectives of Lecture 6 CGI and HTML Forms

Course title: WEB DESIGN AND PROGRAMMING

710 Index Attributes, 127 action attribute, 263 assigning, bottom attribute, domain name attribute, 481 expiration date attribute, 480 8

Web Engineering. Basic Technologies: Protocols and Web Servers. Husni

JavaScript By: A. Mousavi & P. Broomhead SERG, School of Engineering Design, Brunel University, UK

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Chapter 10 Web-based Information Systems

13. Databases on the Web

Exam : 9A Title : Adobe GoLive CS2 ACE Exam. Version : DEMO

KINGS COLLEGE OF ENGINEERING 1

Java Applets, etc. Instructor: Dmitri A. Gusev. Fall Lecture 25, December 5, CS 502: Computers and Communications Technology

COSC 2206 Internet Tools. The HTTP Protocol

Contents 1 INTRODUCTION TO COMPUTER NETWORKS...

Computer Networks. Wenzhong Li. Nanjing University

EEC-682/782 Computer Networks I

HTML forms and the dynamic web

Chapters. Client-Side Programming Server-Side Programming Web-Content-Management Web-Services Apache Webserver Robots, Spiders and Search engines

Hypertext Transport Protocol

IT2353 WEB TECHNOLOGY Question Bank UNIT I 1. What is the difference between node and host? 2. What is the purpose of routers? 3. Define protocol. 4.

Connecting with Computer Science Chapter 5 Review: Chapter Summary:

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

Software Elements of Electronic Business Sites

CERTIFICATE IN WEB PROGRAMMING

3. WWW and HTTP. Fig.3.1 Architecture of WWW

Table of Contents WWW. WWW history (2) WWW history (1) WWW history. Basic concepts. World Wide Web Aka The Internet. Client side.

Alpha College of Engineering and Technology. Question Bank

BIG-IP Access Policy Manager : Portal Access. Version 12.1

Application Level Protocols

Dynamic Documents. Kent State University Dept. of Math & Computer Science. CS 4/55231 Internet Engineering. What is a Script?

Contents. Acknowledgments

CS105 Perl: Perl CGI. Nathan Clement 24 Feb 2014

Programming the World Wide Web by Robert W. Sebesta

Lecture : 3. Practical : 2. Course Credit. Tutorial : 0. Total : 5. Course Learning Outcomes

Lecture 7b: HTTP. Feb. 24, Internet and Intranet Protocols and Applications

Web Systems & Technologies: An Introduction

The World Wide Web. Internet

Lecture Overview. IN5290 Ethical Hacking. Lecture 4: Web hacking 1, Client side bypass, Tampering data, Brute-forcing

Sections and Articles

Introduction. WWW history. Application concepts, WWW and HTTP Perspectives on (mobile) communications. Fredrik Alstorp Torbjörn Söderberg

Session 16. JavaScript Part 1. Reading

Web Site Development with HTML/JavaScrip

1.264 Lecture 12. HTML Introduction to FrontPage

WEB TECHNOLOGIES CHAPTER 1

Developing Web Applications

Web Systems & Technologies: An Introduction

BIG-IP Access Policy Manager : Portal Access. Version 13.0

COMPUTER NETWORKS AND COMMUNICATION PROTOCOLS. Web Access: HTTP Mehmet KORKMAZ

Web Standards. Web Technologies. Web Standards. URI and URL

CS Final Exam Review Suggestions - Spring 2018

The Ins & Outs of InternetTransaction M anagem ent. Laury Behrens DIS Research

Web Engineering (CC 552)

CMPE 151: Network Administration. Servers

Web Programming Paper Solution (Chapter wise)

HTTP Reading: Section and COS 461: Computer Networks Spring 2013

University of Toronto School of Continuing Studies. A Conceptual Overview of E-Business Technologies

Module 3 Web Component

HTTP Protocol and Server-Side Basics

Chapter 2. Application Layer

Lecture 9a: Sessions and Cookies

Web, HTTP and Web Caching

CISH-6510 Web Application Design and Development. Overview of JavaScript. Overview

Unit 4. CRM - Web Marketing 4-1

UR what? ! URI: Uniform Resource Identifier. " Uniquely identifies a data entity " Obeys a specific syntax " schemename:specificstuff

~ Ian Hunneybell: DIA Revision Notes ~

Introduction to DHTML

Web Technology. COMP476 Networked Computer Systems. Hypertext and Hypermedia. Document Representation. Client-Server Paradigm.

Global Servers. The new masters

1.1 A Brief Intro to the Internet

1.1 A Brief Intro to the Internet

Web Architecture AN OVERVIEW

E ECMAScript, 21 elements collection, HTML, 30 31, 31. Index 161

Notes General. IS 651: Distributed Systems 1

Objectives. Connecting with Computer Science 2

Session 6. JavaScript Part 1. Reading

Chapters. Web-Technologies I 1

INSTITUTE OF AERONAUTICAL ENGINEERING (Autonomous) Dundigal, Hyderabad

THE BCS PROFESSIONAL EXAMINATIONS BCS Level 5 Diploma in IT PRINCIPLES OF INTERNET TECHNOLOGIES. Specimen Answers

Session 8. Reading and Reference. en.wikipedia.org/wiki/list_of_http_headers. en.wikipedia.org/wiki/http_status_codes

The figure below shows the Dreamweaver Interface.

CNIT 129S: Securing Web Applications. Ch 3: Web Application Technologies

Computer Science E-1. Understanding Computers and the Internet. Lecture 10: Website Development Wednesday, 29 November 2006

Client-side Techniques. Client-side Techniques HTML/XHTML. Static web pages, Interactive web page: without depending on interaction with a server

JavaScript CS 4640 Programming Languages for Web Applications

Proxying. Why and How. Alon Altman. Haifa Linux Club. Proxying p.1/24

SOFTWARE ARCHITECTURE SUMMARY. Tatsuya Hagino

Chapter 15 Plug-ins, ActiveX, and Applets

Standard 1 The student will author web pages using the HyperText Markup Language (HTML)

Apica ZebraTester. Advanced Load Testing Tool and Cloud Platform

20. Web Hosting 웹프로그래밍 2016 년 1 학기 충남대학교컴퓨터공학과

FBCA-03 April Introduction to Internet and HTML Scripting (New Course)

WWW Document Technologies

Internet Standards for the Web: Part II

JavaScript CS 4640 Programming Languages for Web Applications

Transcription:

Programming web-based applications Antonio Lioy < lioy@polito.it > english version created and modified by Marco D. Aime < m.aime@polito.it > Politecnico di Torino Dip. Automatica e Informatica World Wide Web (WWW) often simply abbreviated as web set of: communication protocols data formats built on top of TCP/IP channels CSS PNG HTML XHTML JS data HTTP TCP IP FTP protocols A.Lioy - Politecnico di Torino (2009) C-1

Protocols for the web several existing protocols can be used (e.g. FTP) limitations / complexity since they were not designed for the web a new application protocol has been defined: HTTP the application protocol determines which functions are available (e.g. with FTP only GET and PUT of files) The static web 2. read page from disk browser web 1. page request 4. send HTML page server web HTML page HTTP channel 3. HTML page 5. HTML interpretation A.Lioy - Politecnico di Torino (2009) C-2

Static web the web page never changes its content until the author does not change it explicitly the content of the page: does not depend on the interaction with the user does not depend on the information sent by the client to the server does not depend on the time it is requested page implemented in HTML /CSS Static web: pros and cons every web page is associated with an HTML file (+) maximum efficiency (low load on CPU) (+) possibility to perform page caching: in RAM (by the server) or on disk (by client or proxy) by the server by the client by proxies (+) pages can be indexed by search engines ( ) data is static ( ) no adaptation to clients and their capabilities A.Lioy - Politecnico di Torino (2009) C-3

Request of a static page http://security.polito.it/~lioy/01eny/ http:// security.polito.it /~lioy/01eny/ DNS 80 / tcp 130.192.1.8 web server URI rewriting /u/lioy/public_html/01eny/index.html file system Performance model for static web URI parsing + channel set-up HTTP request transmission HTML interpretation + display UA HTTP response transmission network HTTP srv disk request analysis retrieving HTML page response creation user think time t A.Lioy - Politecnico di Torino (2009) C-4

Agent, server, proxy and gateway User Agent = browser (but also spiders, robots, ) Origin Server = provider of the desired service intermediate elements may exist between UA and OS, acting as client and server at the same time: gateway public interface for servers e.g. for security or load balancing (delegated) proxy works on behalf of the client forwards the request to the server or answers directly by using a cache also for authentication Proxy and gateway scheme LAN / Intranet / ISP (client) LAN / Intranet / ISP (server) user agent proxy Internet gateway origin server cache (private) cache (shared) cache (RAM) A.Lioy - Politecnico di Torino (2009) C-5

Proxy caches only static pages behaviour: transparent = does not modify the request (except mandatory parts) non-transparent = re-writes the request (e.g. anonymiser) UA configuration: explicit (requires intervention on the client) implicit (requires intelligence in the network) proxy hierarchies (e.g. POLITO, IT, EU) are possible often used by ISPs to improve clients navigation speed 1. HTTP 2. HTML 3. CSS A.Lioy - Politecnico di Torino (2009) C-6

Static web with dynamic pages the client evaluates the dynamic content of the page (script, or Java applet, or Active-X control) 2. read DHTML page browser web 1. page request 4. send DHTML page server web DHTML page HTTP channel 3. DHTML page 5. dynamic part execution + HTML interpretation Static web with dynamic pages pages change their content depending on user interaction e.g. context menu popping up when the mouse is positioned ii over a specific area generically known as DHTML: HTML 4.0 or greater CSS (Cascaded Style Sheet) client side scripting languages ECMA 262 (EcmaScript Edition 3) implemented as JavaScript or JScript VBScript (only for IE 4.0 or greater) A.Lioy - Politecnico di Torino (2009) C-7

Dynamic pages: pros and cons content presentation is variable (+) efficient (low CPU load on servers) ( ) inefficient (medium-high CPU load on clients, especially for applets) (~) possibility to perform page caching (~) pages can be indexed by search engines (but only the static data ) ( ) static data ( ) functionality depends upon client capabilities (scripting languages, applet types, CPU, RAM, ) Dynamic pages: applets two types of applet: Java applet (requires a JVM in the browser) ActiveX control (requires IE + Wintel) problems: compatibility (which version of language / JVM?) load (require execution) security (execution of a full program): Java applet executes within a sandbox activex installs a DLL (!) A.Lioy - Politecnico di Torino (2009) C-8

Performance model for static web with dynamic pages no difference w.r.t. static web for the network part and the server side increased computational and memory load on the client side: depends on the chosen technology increasing load for CSS client-side scripts Active-X controls Java applets Client-side scripting HTML is a page description language the only possible activity is following the links interactivity is added to HTML pages through some code to be interpreted at the client (by the browser): NS and SUN invented the LiveWire language, later renamed it JavaScript (but it s not a subset of Java!) MS invented VBScript (subset of VBA), and later JScript JavaScript and JScript merged in ECMAScript: ECMA-262 standard popularly known as JavaScript (version >= 1.3) A.Lioy - Politecnico di Torino (2009) C-9

Client-side scripting: what s for? dynamically insert elements within HTML pages a function written in the scripting language of choice can be associated to some event triggered by page interaction: i e.g. click on a figure e.g. submission of a form execute some code in reaction to an event validate data inserted in a form before submitting it to the server it saves useless traffic on the network and simplifies the application logic on the server side 19 interpreted language JavaScript includes a limited set of commands required by client-side applications to: elaborate data inserted in the FORMs included in the HTML page send commands to the browser (e.g. open/close windows) execute some operations in reaction to an event triggered by a given user action (event handler) A.Lioy - Politecnico di Torino (2009) C-10

JavaScript core and extensions client-side JavaScript client-side extensions (e.g. window, history) Core JavaScript ( variables, functions, LiveConnect, ) server-side extensions (e.g. database, server mgmt) server-side JavaScript JavaScript and HTML pages to send JavaScript applications to the browser: insert the JavaScript code inside the html page by using the tag <script> import the code from an external file (with.js extension) by using <script src=... > specify a JavaScript expression as the value of an HTML attribute insert a JavaScript expression as an event handler (DOM event handler) within specific HTML tags A.Lioy - Politecnico di Torino (2009) C-11

JavaScript: first example <html> <head></head> <body> <script type="text/javascript"> document.writeln("ciao!") </script> </body> </html> 29 js1.html JavaScript: table of squares <html> <head> <title>table of squares</title> </head> <body> <h1>table of squares</h1> <script type="text/javascript"> <!-- var i; for (i=1; i<20; i++) { document.writeln("<p>" + i + "^2 = " + i*i + "</p>"); } // --> </script> </body> </html> A.Lioy - Politecnico di Torino (2009) C-12

DOM event handler you can associate JavaScript commands to events through an event handler syntax: <TAG... eventhandler = JavaScript_code > where: TAG is a generic HTML tag eventhandler is the name of the event handler (e.g. onclick, onfocus, onblur, onsubmit, onreset, onchange, onload, onunload) JavaScript Code is a sequence of JavaScript commands (often a function call) JS: second example <html><head> <title>example: JS associated to onclick</title> <script type="text/javascript"> text/javascript function makered(x){ obj = document.getelementbyid(x); obj.style.color="red"; } </script></head><body> <p id="id1" onclick="makered('id1')"> Click on this text to make it red! </p> </body></html> 32 js2.html A.Lioy - Politecnico di Torino (2009) C-13

JS: third example when the same script is used for multiple pages, you may write it in an external file and link it in the HTML page the.js file must be a text file have a name with max 8 characters not contain the tag <script> 33 JS: third example (2) <html> <head> <script src="js3.js" type="text/javascript"> </script> </head> <body> <p id="id1" onclick="makered('id1')"> Click on this text to make it red!</p> </body> </html> js3.html function makered(x) { obj = document.getelementbyid(x); obj.style.color="red"; } js3.js A.Lioy - Politecnico di Torino (2009) C-14

DOM (Document Object Model) an object-oriented view of the HTML page provides a map of the web elements using an object-oriented metaphor DOM is a data structure not a language used in association with a client-side scripting (JavaScript, VBscript) to manipulate these data structures W3C tracks and tries to standardise the way the various scripting languages interact with the data structures at the basis of HTML DOM level 1: www.w3.org/tr/1998/rec-dom-level-1-19981001 DOM example A.Lioy - Politecnico di Torino (2009) C-15

DOM example: object hierarchy <script...>... name = document.forms[0].elements[0].value alert("ciao " + name)... </script> DOM: giving names to objects to simplify access to a given element (instead of using the hierarchical reference) you may assign a unique name to it: attribute name (available only for some tags) attribute id (available for every tag) example ( intro is a reference to a specific instance of the tag <h1>): <html> <body> <h1 id="intro">introduction</h1>... </body> </html> A.Lioy - Politecnico di Torino (2009) C-16

DOM object hierarchy window +--parent, frames, self, top +--location +--history +--document +--forms elements (text elements, textarea, checkbox, radio, password, select, button, submit, reset,...) +--links +--images +--background The dynamic web browser web 1. resource request (CGI, ASP, PHP, ) 5. send HTML / DHTML page HTTP channel server web 2. forward request to the correct interpreter interpreter (perl, php...) 3. read required file 6. dynamic part execution + HTML interpretation 4. read data from DB / file DB HD file.pl.php... HD A.Lioy - Politecnico di Torino (2009) C-17

Dynamic web page is dynamically generated by the server its information content chages depending on: request sent by the client content of a database date/time of the request techniques to implement the dynamic web: CGI server-side scripting language (JavaScript/Jscript, VBScript, PHP, PerlScript, Python,...) SSI (Server Side Include) servlet, JSP (Java Server Pages) Dynamic web: pros and cons adaptation of pages to variable conditions: input provided by client client capabilities (+) maximum dynamicity for the data (+) optimal adaptability to clients and their capabilities ( ) low efficiency (high CPU load) ( ) impossible to perform page caching if the selection parameters are not inside the URL (e.g. are inside cookies) possible errors if caching is active ( ) pages cannot be indexed by search engines A.Lioy - Politecnico di Torino (2009) C-18

CGI Common Gateway Interface http://hoohoo.ncsa.uiuc.edu/cgi/interface.html RFC-3875 the web server: starts the CGI application passes possible parameters to it: through stdin (POST, PUT methods) through a modified URL (GET method) receives result from stdout result must be in web format (HTML/CSS/scripting client-side) CGI behavioural scheme client (browser) 1. select application and send form data network 4. receive HTML page 3. send HTML page to the HTTP server and terminate application server HTTP 2. start CGI application and parameter passing CGI interface CGI application (executable or script to be interpreted) A.Lioy - Politecnico di Torino (2009) C-19

general method CGI: pros available on every web server (IIS, Apache, ) application written in whatever way executable file (=more efficient) interpreted script (=more flexible) CGI: cons every call requires activating a process: high initialisation cost high latency creation / destruction of many processes memory usage proportional to the number of processes active at the same time communication between the web server and the application is difficult (different memory spaces) A.Lioy - Politecnico di Torino (2009) C-20

CGI: cons (II) no mechanisms to share resources among CGI programs every access to a resource requires opening and closing the resource session and transaction concepts do not exist the graphic interface of the web application (i.e. the HTML tags) is embedded within the code paradigm not fit for applications with several concurrent users and requiring slow response times CGI: possible improvements use environment variables to communicate between the server and the application include one or more interpreters in the web server: (+) better activation speed (+) better communication with the application (+) lower memory occupation (-) increased size of the server pre-activation of the application (in N replicas) and inclusion in the server of a specific module to choose a free replica and communicate with it FastCGI A.Lioy - Politecnico di Torino (2009) C-21

Passing input parameters to CGI three ways to transmit forms data: standard input (when using POST or PUT) modified URL (when using GET): original CGI URL followed by? and by the list of data separated by & the environment variable QUERY_STRING contains the part of the URL following? command line (when using ISINDEX) other information passed to the application through a set of environment variables (e.g. REMOTE_ADDR, HTTP_USER_AGENT) Output generated by CGI the application must return valid HTML use à " < > the application must also return part of the HTTP headers; CGI/1.1 specifies the following headers: Content-Type: MIME type of the response Location: if a URI, the server sends a redirect to the client if a local document, the server sends it to the client Status: the server uses it as a status code in its header A.Lioy - Politecnico di Torino (2009) C-22

CGI: response generation HTTP header HTTP body HTTP/1.0 200 OK MIME-Version: 1.0 Server: Apache/1.3.19 Content-Type: text/html <HTML><HEAD></HEAD> <BODY> <H1>Ciao!</H1> </BODY> </HTML> server HTTP CGI application CGI example http://security.polito.it/~lioy/cgi/cgiecho http://security.polito.it/~lioy/cgi.htm (look at the difference between GET and POST) A.Lioy - Politecnico di Torino (2009) C-23

cgic ANSI C library fro CGI programming http://www.boutell.com/cgic/ extracts forms data, correcting browsers errors transparent treatment of GET and POST read form data or an uploaded file functions to set and read cookies correct treatment of CR and LF in text form extract forms data (string, int, real, single and multiple choices), controlling ranges of numeric types load the CGI env. variables in not null strings compatible with every CGI server (U*ix, Win*) Libwww C library used to write HTTP+HTML clients also used to write robots http://www.w3.org/library/ A.Lioy - Politecnico di Torino (2009) C-24

Server-side scripting different technologies, all characterised by having, inside the page file, some scripting code merged with the template HTML + client-side scripting ASP (Microsoft) VBscript JScript implementation also for Apache (with PerlScript) PHP (open source) developed for Apache also for IIS can be used both as a general scripting language and for CGI Server-side scripting (2) JSP (Sun), hybrid technology the code is embedded in the HTML template (as for the other technologies for server-side scripting) the code includes scripting elements (as other server-side languages) directives actions (proprietary tags, XML & NS like) the pages are translated into servlets by the web server A.Lioy - Politecnico di Torino (2009) C-25

SSI (Server Side Include) introduce directives in the HTML code in the form of comments if SSI is not supported by the server web, directives are ignored if SSI is supported, in the HTML page returned to the client, the directives are replaced by the text resulting from the elaboration add new environment variables do not replace CGI/ASP/..., but introduce the possibility to add dynamicity to HTML pages performing simple operations <!--#command tag1=value1 tag2=value2... --> SSI (2) in IIS, the HTML pages containing SSI directives must use the extension.shtm or.shtml you can configure web servers to elaborate the SSI directives i also for pages with the extensions.htm or.html server web Apache supports SSI (and XSSI from version 1.2) IIS supports only the directive #include of SSI it must be inserted in the HTML part cannot be produced by ASP code in IIS, the other SSI functionalities can be provided with ASP objects A.Lioy - Politecnico di Torino (2009) C-26

SSI environment variables DOCUMENT_NAME: the name of the current file DOCUMENT_URI: the virtual path to this document (e.g. /docs/tutorials/foo.shtml) QUERY_STRING_UNESCAPED: search string sent by the client, with every special shell character, preceded by \ DATE_LOCAL: current date, local time zone; subject to the parameter timefmt of the command config DATE_GMT: similar to DATE_LOCAL, but relative to the Greenwich time LAST_MODIFIED: date of last modification of the current document; also subject to timefmt SSI directives #config: allows setting some parameters errmsg: message returned in case of error when parsing of the SSI directives timefmt: date and time format; definition string like the one used by the Unix system function strftime( ) sizefmt: format for the file size bytes: expressed in bytes abbrev: abbreviated format (KB or MB) <!--#config errmsg="error_msg" --> <!--#config timefmt="form_string" --> <!--#config sizefmt="bytes" --> A.Lioy - Politecnico di Torino (2009) C-27

SSI directives (2) #echo: returns the environment variable (tag: var) passed as a parameter <!--#echo var="nome_variabile_env" --> #exec: executes a shell command or a CGI script whose name is passed as parameter and returns the corresponding output; supported tags: cmd: shell command (Unix: /bin/sh, Win32: cmd.exe) identified by the string cgi: CGI script identified by the string (virtual path); no output mangling but conversion from URI to <A> <!--#exec cmd="path_shell_script" --> <!--#exec cgi="virt_path_cgi_script" --> SSI directives (3) #flastmod: returns date and time of last modification of a file (tag: file) whose name is passed as parameter <!--#flastmod file="nome_file" --> #fsize: returns the size of a file whose name is passed as parameter; the format is configurable with sizefmt; supported tags: virtual: virtual path (no access to CGI scripts) file: relative physical path starting from the current directory (no absolute paths, no use of../ ) <!--#fsize virtual="virt_path_nome_fil" --> <!--#fsize file="rel_path_nome_file" --> A.Lioy - Politecnico di Torino (2009) C-28

SSI directives (4) #include: inserts the content of a file in the page returned to the client; the name of the file is passed as parameter; supported tags: virtual: virtual path (no access to CGI scripts) file: relative physical path starting from current directory (no absolute paths, no use of../ ) <!--#include virtual="virt_path_nom_file" --> <!--#include file="rel_ PATH_ NOME_ FILE" --> attention! the included file cannot contain SSI directives SSI examples inserts local date and time in standard format: <!--#echo var="date_local" --> inserts local date and time in non-standard format: <!--#config timefmt="%a %B %d, %Y" --> <!--#echo var="date_local" --> executes a system command (the text <DIR> in the output of the dir command can lead to wrong formatting by the browser) <!--#exec cmd="ls" --> <!--#exec cmd="dir" --> A.Lioy - Politecnico di Torino (2009) C-29

SSI examples (2) inserts a footer shared with other pages <!--#include file="footer.txt" --> inserts the date of last modification of the current page; solution 1 (if you change the page name, you must update the directive) <!--#config timefmt="%a %B %d, %Y" --> <!--#flastmod file="tesine.html" --> inserts the date of last modification of the current page; solution 2 (the same directive can be used for all pages) <!--#config timefmt="%d" --> <!--#echo var="last_modified" --> SSI examples (3) set an error message different from the standard one in case of problems when parsing the SSI directives <!--#config errmsg="[new error message!]" --> standard error message; the directive code is replaced by the following text [an error occurred while processing this directive] error message set with the directive [New error message!] A.Lioy - Politecnico di Torino (2009) C-30

Example of SSI/XSSI workflow page before elaboration <HTML><HEAD><TITLE> (as stored on the server) <!--#include virtual="title.inc" --> </TITLE></HEAD><BODY>... <FONT face=sans-serif size=-2> <BR>Maintained by: <!--#include virtual="author.inc" --> <BR>Last modified: <!--#echo var="last_modified" --> </FONT> <HTML><HEAD><TITLE> page after elaboration Esempio di SSI (as sent to the client) </TITLE></HEAD><BODY>... <FONT face=sans-serif size=-2> <BR>Maintained by: <B>Antonio Lioy</B> <BR>Last modified: Thursday, 21-Feb-2002 18:53:28 MET </FONT> Example of SSI/XSSI workflow (2) content of the file title.inc Esempio di SSI Content of the file author.inc <B>Antonio Lioy</B> NOTE: files included with the directive include or the result of script execution (directive exec) can contain text and HTML must comply with the HTML character encoding): e.g. quantità => quantità once included, they must comply with the requirements of HTML/CSS (TAG position, etc.) A.Lioy - Politecnico di Torino (2009) C-31

server-side: Server-side or client-side? (pro) higher security (con) server overload client-side: (pro) computation on the client (con) client capabilities (functionality and performance) (con) lower security (tampered with by the user) in general: better server-side for security and functionality better client-side to improve performance often used together simultaneously Server-side vs. client-side sometimes they aren t equivalent example (content of prova.asp): <% var d=new Date(); var h=d.gethours(); var m=d.getminutes(); Response.write(h + ":" + m); %> <script type="text/javascript"> <script type="text/javascript"> var d=new Date(); var h=d.gethours(); var m=d.getminutes(); document.write(h + ":" + m); </script> A.Lioy - Politecnico di Torino (2009) C-32

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback