HTTP protocol …and other stuff that make the web work
Bits ‘bout Moi!
 Senor Bipin Upadhyay
    Developer, Directi Pvt. Ltd.
    Lead, NULL Open Security Group – Mumbai Chapter
    OWASP ESAPI-PHP Committer
    Part of IHP (Honeynet Project)
    Amateur Photographer
I know Kung-fu…
If Only it was true…
Think about the possibilities…
I know Kung-fu
Me too..
Me three..
Sigh! But it ain’t true, yet!
Agenda




http://icanhascheezburger.files.wordpress.com/2009/02/funny-pictures-cat-has-naps-on-his-agenda.jpg
Agenda
 Intro: What & Why???

 OSI model: Back to the basics

 10000 feet view: How the web works

 RFC 2616: Anatomy

 RFC 2965: Handling Statelessness
Bit of History
 Mar’89 – T.B. Lee presents “Information Management: A Proposal”
 Aug’91 – Announces WWW
 Mar’93 – Mosaic announced
 Mar’94 – Netscape founded
 Oct’94 – W3C founded by T.B. Lee
Web 2.0, uh!




http://www.wagnerblog.com/images/AjaxDarkSide.jpg
HTTP: What is it?
 Part of the Application Layer of TCP/IP protocol suite
 A set of grammatical rules for a client and server to communicate
 HTTP is what powers the WWW
http://www.flickr.com/photos/joshfassbind/4584323789/
…but




http://www.flickr.com/photos/quinnanya/4456123452/
Why should I bother?
 Because:
    web development sucks
    Even your grandmom knows, ‘tis all about fundamentals
 Also:
    facilitates debugging,
    improves understanding of security & performance
http://www.flickr.com/photos/sneeu/1589152071/
Agenda
 Intro: What & Why???

 OSI model: Back to the basics

 10000 feet view: How the web works

 RFC 2616: Anatomy

 RFC 2965: Handling Statelessness




                                     http://www.flickr.com/photos/stephenpoff/2312981944/
OSI & TCP/IP protocol suite
         OSI is a reference model




http://blog.uad.ac.id/imam_riadi/files/2009/01/osi-layer.jpg
OSI & TCP/IP protocol suite…
 TCP/IP protocol suite is an implementation of OSI




http://www.hill2dot0.com/wiki/index.php?title=Image:G0209_TCPIP_vs_OSI.jpg
OSI & TCP/IP protocol suite…
 Visual learning: Wireshark, baby
    http://www.wireshark.org/
Agenda
 Intro: What & Why???

 OSI model: Back to the basics

 10000 feet view: How the web works

 RFC 2616: Anatomy

 RFC 2965: Handling Statelessness
The Communication
 My favorite interview question:
   What all happens between the time when we click on a hyperlink and the page is completely rendered in a browser?
http://www.flickr.com/photos/terryhart/2890904949/
 [Sequence diagram: Client side (Browser, Proxy) → Internetz → Server side at null.co.in (LB, Web Server, DB Server)]

 1. Name resolution: null.co.in is looked up in the browser cache, the hosts file, or a DNS server → 74.53.228.212
 2. TCP connection (three-way handshake)
      Client → Server: SYN         "There, bro?"
      Server → Client: SYN-ACK     "Yo!"
      Client → Server: ACK         "Cool!"
 3. HTTP, over that connection
      Client → Server: GET /                        "Got this file?"
      Server → Client: 200 OK + index.html          "Yup! Here ‘tis."
      Client → Server: GET /js.js, GET /pic.jpg     "Can I have these as well?"
      Server → Client: 200 OK + more content…       "Sure!"
 4. TCP connection teardown
      Client → Server: FIN         "Arigato, am done."
      Server → Client: FIN-ACK     "Sayonara!"
The Communication
 … or simply:
 Web 2.0 has shrunk the client and server distinction
 Conventionally, client sends an HTTP request
 Server responds with an HTTP response
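The exchange on the slides above, replayed as an added example that is not part of the original deck: a toy server and a client talk over one TCP connection on 127.0.0.1. The resource paths are the ones the diagram shows, but their bodies are constructed; the kernel performs the SYN/SYN-ACK/ACK and FIN/FIN-ACK exchanges underneath the connect()/accept() and close() calls, and all three GETs ride on a single kept-alive connection, as the diagram shows.

```python
"""Added example (not from the deck): the page-load exchange from the slides, replayed
between a toy server and a client on localhost so the TCP and HTTP steps can be watched."""
import socket
import threading

# Constructed resources for the toy server; the paths are the ones the slides show.
RESOURCES = {
    "/": b"<html><script src='/js.js'></script><img src='/pic.jpg'></html>",
    "/js.js": b"console.log('hello');",
    "/pic.jpg": b"\xff\xd8\xff\xd9",  # constructed stand-in: JPEG start/end markers only
}


def read_message(sock: socket.socket) -> bytes:
    """Read one HTTP message: the head up to the blank line, then Content-Length bytes
    of body. Returns b"" if the peer closed the connection (its FIN) before a full head."""
    buf = b""
    while b"\r\n\r\n" not in buf:
        chunk = sock.recv(4096)
        if not chunk:
            return b""
        buf += chunk
    head, body = buf.split(b"\r\n\r\n", 1)
    length = 0
    for line in head.split(b"\r\n")[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"content-length":
            length = int(value.strip())
    while len(body) < length:
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("peer closed mid-body")
        body += chunk
    return head + b"\r\n\r\n" + body[:length]


def serve_one_connection(listener: socket.socket) -> list:
    """Server side: accept one connection (the kernel has finished SYN/SYN-ACK/ACK),
    answer GETs until the client closes, and record the targets it asked for."""
    served = []
    conn, _addr = listener.accept()
    with conn:
        while True:
            raw = read_message(conn)
            if not raw:
                break                      # client's FIN: nothing more to read
            method, target, _version = raw.split(b"\r\n", 1)[0].decode().split(" ")
            served.append(target)
            if method != "GET":
                status, body = "405 Method Not Allowed", b""
            elif target in RESOURCES:
                status, body = "200 OK", RESOURCES[target]
            else:
                status, body = "404 Not Found", b""
            conn.sendall(f"HTTP/1.1 {status}\r\nContent-Length: {len(body)}\r\n"
                         f"Connection: keep-alive\r\n\r\n".encode() + body)
    return served


def fetch_page(host: str, port: int, targets=("/", "/js.js", "/pic.jpg")) -> list:
    """Client side: one TCP connection, every request on it, then close (FIN / FIN-ACK)."""
    results = []
    with socket.create_connection((host, port)) as s:   # SYN, SYN-ACK, ACK happen here
        for target in targets:
            s.sendall(f"GET {target} HTTP/1.1\r\nHost: {host}\r\n"
                      f"Connection: keep-alive\r\n\r\n".encode())
            raw = read_message(s)
            head, body = raw.split(b"\r\n\r\n", 1)
            status = head.split(b"\r\n")[0].decode().split(" ", 1)[1]
            results.append((target, status, body))
    return results                                       # leaving 'with' sends the FIN


def run_demo() -> list:
    """Start the toy server on a free port, fetch the page, and return (target, status, body)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # port 0: let the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    server = threading.Thread(target=serve_one_connection, args=(listener,), daemon=True)
    server.start()
    try:
        return fetch_page("127.0.0.1", port)
    finally:
        server.join(5)
        listener.close()


if __name__ == "__main__":
    for target, status, body in run_demo():
        print(f"GET {target} -> {status} ({len(body)} bytes)")
```

Run it with Wireshark capturing on the loopback interface, as the OSI slide suggests, and the handshake, the three request/response pairs and the teardown appear as separate frames on one TCP stream.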
The Communication: HTTP Request
 Request Line
    Request Method
    Requested Resource
    HTTP Version used


 Headers
   General Headers
   Request Headers
   Entity Headers


 Content (Optional)
The Communication: HTTP Response
 Status Line
    HTTP version(s) understood by server
    Status code (3 digit numerical value)
    Status description


 Headers
   General Headers
   Response Headers
   Entity Headers


 Content (Optional)
Agenda
        Intro: What & Why???

        OSI model: Back to the basics

        10000 feet view: How the web works

        RFC 2616: Anatomy

        RFC 2965: Handling Statelessness




http://www.saynotocrack.com/wp-content/uploads/2007/06/flinstones-anatomy.jpg
Anatomy
 HTTP Request and Response are comprised of various
 components:
   Request Methods
   Response Status Codes
   Request Headers
   Response Headers
   General Headers
   Entity Headers
   Content (MIME Media Types)
Anatomy: Request Methods
 Humans can convey emotions in several ways
 Why should HTTP clients lag!!!
 HTTP methods describe the type of communication




  GET          POST        HEAD        OPTIONS
  TRACE        PUT         DELETE      CONNECT
Anatomy: Response Status Codes
 Indicate the server’s mood corresponding to a request
 Combination of a numerical code, and a short
  description
 Can be categorized in 5 categories:
       1xx        --     Informational
       2xx        --     Successful
       3xx        --     Redirection
       4xx        --     Client Error
       5xx        --     Server Error
Anatomy: Request Headers
 Specific to an HTTP Request
 Carry information about the client, and the type of request
 Facilitate better understanding between client and server

   Host              Accept-Language       If-Modified-Since     Referer
   User-Agent        Authorization         If-None-Match         Expect
   Accept            Proxy-Authorization   If-Range              From
   Accept-Charset    Max-Forwards          If-Unmodified-Since   TE
   Accept-Encoding   If-Match              Range
Anatomy: Response Headers
 Specific to an HTTP Response
 Carry information about the server, and the type of
 response




  Accept-Ranges   ETag       Retry-After   WWW-Authenticate
  Age             Location   Server        Proxy-Authenticate
  Vary
Anatomy: General Headers
 Carry information about the HTTP transaction
 Can be a part of request, as well as response




  Cache-Control       Keep-Alive   Pragma    Via
  Connection          Upgrade      Trailer   Warning
  Transfer-Encoding   Date
Anatomy: Entity Headers
 Carry information about the content
 Mainly a part of HTTP response




  Allow              Content-Language   Content-Location   Content-Range
  Content-Encoding   Content-Length     Content-MD5        Content-Type
  Expires            Last-Modified
Anatomy: Content
 IANA maintains a list of valid content types
 It is specified by the Content-Type Entity header
 Categorized in 9 MIME Media types:




  application   audio        example      image
  message       model        multipart    text
  video
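An added example (not from the deck) covering the structure given under "The Communication: HTTP Request / HTTP Response" and the header tables in this Anatomy section: it splits raw HTTP/1.1 bytes into start line, headers and content, files each header under the deck's four categories, maps a status code to its class, and applies two checks a server makes before acting on a request. The sample request and response bytes, the dates and the server name in them are constructed.

```python
"""Added example (not from the deck): split raw HTTP/1.1 messages into the parts the
Anatomy slides list, and classify headers by the deck's four categories."""
from dataclasses import dataclass

# Header categories as tabulated on the slides (lower-cased for lookup)
GENERAL_HEADERS = {"cache-control", "connection", "date", "keep-alive", "pragma",
                   "trailer", "transfer-encoding", "upgrade", "via", "warning"}
ENTITY_HEADERS = {"allow", "content-encoding", "content-language", "content-length",
                  "content-location", "content-md5", "content-range", "content-type",
                  "expires", "last-modified"}
REQUEST_HEADERS = {"host", "user-agent", "accept", "accept-charset", "accept-encoding",
                   "accept-language", "authorization", "proxy-authorization",
                   "max-forwards", "if-match", "if-modified-since", "if-none-match",
                   "if-range", "if-unmodified-since", "range", "referer", "expect",
                   "from", "te"}
RESPONSE_HEADERS = {"accept-ranges", "age", "etag", "location", "retry-after", "server",
                    "vary", "www-authenticate", "proxy-authenticate"}
METHODS = {"GET", "POST", "HEAD", "OPTIONS", "TRACE", "PUT", "DELETE", "CONNECT"}
STATUS_CLASSES = {1: "Informational", 2: "Successful", 3: "Redirection",
                  4: "Client Error", 5: "Server Error"}


@dataclass
class HttpMessage:
    start_line: tuple   # request: (method, resource, version); response: (version, code, reason)
    headers: dict       # lower-cased header name -> value
    body: bytes


def parse_message(raw: bytes) -> HttpMessage:
    """Parse one request or response: start line, header block, blank line, content."""
    head, sep, rest = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete message: no blank line terminating the headers")
    lines = head.decode("iso-8859-1").split("\r\n")
    start = tuple(lines[0].split(" ", 2))
    if len(start) != 3:
        raise ValueError(f"malformed start line: {lines[0]!r}")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        headers[name.strip().lower()] = value.strip()
    # Content-Length delimits the entity: bytes beyond it belong to the next message on a
    # keep-alive connection, and fewer bytes than declared means the message was cut off.
    if "content-length" in headers:
        length = int(headers["content-length"])
        if length > len(rest):
            raise ValueError(f"truncated body: declared {length}, got {len(rest)} bytes")
        body = rest[:length]
    else:
        body = rest
    return HttpMessage(start, headers, body)


def is_request(msg: HttpMessage) -> bool:
    """A status line starts with the protocol version; a request line starts with a method."""
    return not msg.start_line[0].startswith("HTTP/")


def validate_request(msg: HttpMessage) -> list:
    """Checks a server makes before acting on a request (RFC 2616 rules)."""
    problems = []
    method, _resource, version = msg.start_line
    if method not in METHODS:
        problems.append(f"unknown method {method}")
    if version == "HTTP/1.1" and "host" not in msg.headers:
        problems.append("HTTP/1.1 request without Host header")  # RFC 2616 14.23: answer 400
    return problems


def status_class(code: int) -> str:
    return STATUS_CLASSES.get(code // 100, "unknown")


def header_category(name: str, in_request: bool) -> str:
    n = name.lower()
    if n in GENERAL_HEADERS:
        return "general"
    if n in ENTITY_HEADERS:
        return "entity"
    if in_request and n in REQUEST_HEADERS:
        return "request"
    if not in_request and n in RESPONSE_HEADERS:
        return "response"
    return "extension"   # e.g. X-* headers, absent from the RFC 2616 tables


# Constructed sample traffic (not captured from a real server)
SAMPLE_REQUEST = (b"GET /index.html HTTP/1.1\r\n"
                  b"Host: null.co.in\r\n"
                  b"User-Agent: example-client/1.0\r\n"
                  b"Accept: text/html\r\n"
                  b"Connection: keep-alive\r\n\r\n")
SAMPLE_RESPONSE = (b"HTTP/1.1 200 OK\r\n"
                   b"Date: Sat, 01 May 2010 10:00:00 GMT\r\n"
                   b"Server: example/1.0\r\n"
                   b"Content-Type: text/html; charset=utf-8\r\n"
                   b"Content-Length: 28\r\n\r\n"
                   b"<html><body>hi</body></html>")
# A second response queued behind the first on a kept-alive connection
KEEP_ALIVE_STREAM = SAMPLE_RESPONSE + b"HTTP/1.1 404 Not Found\r\nContent-Length: 0\r\n\r\n"
```

The Content-Length handling is where security and correctness meet: a parser that trusts the declared length without checking it against the bytes it actually has, or one that ignores the length and swallows the next message, is the difference between one server's view of a connection and another's.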
Agenda
 Intro: What & Why???

 OSI model: Back to the basics

 10000 feet view: How the web works

 RFC 2616: Anatomy

 RFC 2965: Handling Statelessness
Handling Statelessness
 HTTP is a stateless protocol
   i.e., server’s got a bad memory
Handling Statelessness
 Cookies to the rescue
http://www.flickr.com/photos/lij/283869088/
Handling Statelessness
 Cookies:
    are text files stored by client browser
    maintain session by storing information
    are non-executable
Handling Statelessness
 Cookie attributes:
    name=value
    expires=value
    domain=value
    path=value
    Secure
    HttpOnly --not a part of spec
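An added example (not from the deck) that builds and parses Set-Cookie headers carrying the attributes listed on the slide, and then applies the checks a reviewer makes on a cookie that holds a session identifier. The cookie names, values and the domain in the sample are constructed; the parser is a small hand-written one rather than the standard library's, so the attribute handling is explicit.

```python
"""Added example (not from the deck): Set-Cookie attributes, built, parsed and reviewed."""
from dataclasses import dataclass, field


@dataclass
class Cookie:
    name: str
    value: str
    attrs: dict = field(default_factory=dict)  # lower-cased attribute -> value, or True for flags


def build_set_cookie(name, value, expires=None, domain=None, path=None,
                     secure=False, httponly=False) -> str:
    """Serialise a cookie the way a server emits it in a Set-Cookie header."""
    if not name or any(c in name for c in "=;,\r\n") or any(c in value for c in ";,\r\n"):
        raise ValueError("cookie name/value must not contain separators or line breaks")
    parts = [f"{name}={value}"]
    if expires:
        parts.append(f"Expires={expires}")
    if domain:
        parts.append(f"Domain={domain}")
    if path:
        parts.append(f"Path={path}")
    if secure:
        parts.append("Secure")      # flag attribute: present or absent, no value
    if httponly:
        parts.append("HttpOnly")    # not in RFC 2965, as the slide notes; standardised in RFC 6265
    return "; ".join(parts)


def parse_set_cookie(header: str) -> Cookie:
    """Parse the value of a Set-Cookie header (everything after 'Set-Cookie:').
    Attributes are matched case-insensitively; a flag without '=' is stored as True."""
    parts = [p.strip() for p in header.split(";")]
    name, eq, value = parts[0].partition("=")
    if not eq or not name.strip():
        raise ValueError("Set-Cookie must begin with name=value")
    cookie = Cookie(name.strip(), value.strip())
    for part in parts[1:]:
        if not part:
            continue
        key, eq, val = part.partition("=")
        cookie.attrs[key.strip().lower()] = val.strip() if eq else True
    return cookie


def session_cookie_findings(cookie: Cookie) -> list:
    """What a reviewer checks on a cookie that carries a session identifier."""
    findings = []
    if not cookie.attrs.get("secure"):
        findings.append("no Secure flag: browser will also send it over plain http://")
    if not cookie.attrs.get("httponly"):
        findings.append("no HttpOnly flag: script on the page can read it via document.cookie")
    if "expires" in cookie.attrs or "max-age" in cookie.attrs:
        findings.append("persistent cookie: outlives the browser session instead of ending with it")
    return findings


if __name__ == "__main__":
    # Constructed sample: a session cookie as a server should set it
    header = build_set_cookie("sid", "abc123", domain="null.co.in", path="/",
                              secure=True, httponly=True)
    print("Set-Cookie:", header)
    print("findings:", session_cookie_findings(parse_set_cookie(header)))
```

The same parser run over a header like `sid=abc123; path=/; expires=...` reports all three findings; that is the shape of the check a proxy or a review script applies to every Set-Cookie a server emits.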
Conclusion
  The single biggest problem in communication is the illusion… that it has taken place.
                              --George Bernard Shaw

 Think about it
Q&A!!!
 Got queries? Raise your hands.
 Arigato! 


 Contact info:
    Om—At—[projectbee.org/null.co.in]
    http://projectbee.org/
    Twitter - @bipinu
    Flickr -- projectbee

2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 

"Http protocol and other stuff" by Bipin Upadhyay

  • 1.
  • 2. …and other stuff that make the web work
  • 3. Bits ‘bout Moi!  Senor Bipin Upadhyay  Developer, Directi Pvt. Ltd.  Lead, NULL Open Security Group – Mumbai Chapter  OWASP ESAPI-PHP Committer  Part of IHP (Honeynet Project)  Amateur Photographer
  • 5. If Only it was true…
  • 6. Think about the possibilities…
  • 10. Sigh! But it ain’t true, yet!
  • 12. Agenda  Intro: What & Why???  OSI model: Back to the basics  10000 feet view: How the web works  RFC 2616: Anatomy  RFC 2965: Handling Statelessness
  • 13. Agenda  Intro: What & Why???  OSI model: Back to the basics  10000 feet view: How the web works  RFC 2616: Anatomy  RFC 2965: Handling Statelessness
  • 14. Bit of History  Mar’89 – T.B. Lee presents “Information Management: A Proposal”  Aug’91 – Announces WWW  Mar’93 – Mosaic announced  Mar’94 – Netscape found  Oct’94 – W3C found by T.B. Lee
  • 16. HTTP: What is it?  Part of the Application Layer of TCP/IP protocol suite
  • 17. HTTP: What is it?  Part of the Application Layer of TCP/IP protocol suite  A set of grammatical rules for a client and server to communicate http://www.flickr.com/photos/joshfassbind/4584323789/
  • 18. HTTP: What is it?  Part of the Application Layer of TCP/IP protocol suite  A set of grammatical rules for a client and server to communicate  HTTP is what powers the WWW
  • 20. Why should I bother?  Because:  web development sucks http://www.flickr.com/photos/sneeu/1589152071/
  • 21. Why should I bother?  Because:  web development sucks  Even your grandmom knows, ‘tis all about fundamentals
  • 22. Why should I bother?  Also:  facilitates debugging,  improves understanding of security & performance
  • 23. Why should I bother?
  • 24. Agenda  Intro: What & Why???  OSI model: Back to the basics  10000 feet view: How the web works  RFC 2616: Anatomy  RFC 2965: Handling Statelessness http://www.flickr.com/photos/stephenpoff/2312981944/
  • 25. OSI & TCP/IP protocol suite  OSI is a reference model http://blog.uad.ac.id/imam_riadi/files/2009/01/osi-layer.jpg
  • 26. OSI & TCP/IP protocol suite…  The TCP/IP protocol suite is a separate four-layer model, not an implementation of OSI; its layers map only roughly onto OSI (HTTP lives in the Application layer, TCP in Transport, IP in Internet/Network) http://www.hill2dot0.com/wiki/index.php?title=Image:G0209_TCPIP_vs_OSI.jpg
  • 27. OSI & TCP/IP protocol suite…  Visual learning: Wireshark, baby  http://www.wireshark.org/
  • 28. Agenda  Intro: What & Why???  OSI model: Back to the basics  10000 feet view: How the web works  RFC 2616: Anatomy  RFC 2965: Handling Statelessness
  • 29. The Communication  My favorite interview question: http://www.flickr.com/photos/terryhart/2890904949/
  • 30. The Communication  My favorite interview question:  What all happens between the time when we click on a hyperlink and the page is completely rendered in a browser?
  • 31. Diagram of the path: Browser -> Proxy -> Internetz -> LB -> Web Server -> DB Server
  • 32. Client side: Browser, Proxy. Server side (null.co.in): LB, Web Server, DB Server
  • 33. Name resolution: null.co.in is looked up in the browser cache, the hosts file, or a DNS server
  • 34. null.co.in resolves to 74.53.228.212
  • 35. TCP connection, SYN: "There, bro?"
  • 36. TCP connection, SYN-ACK: "Yo!"
  • 37. TCP connection, ACK: "Cool!" (three-way handshake complete)
  • 38. HTTP, GET /: "Got this file?"
  • 39. HTTP, 200 OK with index.html: "Yup! Here 'tis."
  • 40. HTTP, GET /js.js and GET /pic.jpg (resources referenced from index.html): "Can I have these as well?"
  • 41. HTTP, 200 OK with more content: "Sure!"
  • 42. TCP connection, FIN: "Arigato, am done."
  • 43. TCP connection, FIN-ACK: "Sayonara!"
  • 45. The Communication  Web 2.0 has shrunk the client and server distinction  Conventionally, client sends an HTTP request  Server responds with an HTTP response
  • 46. The Communication: HTTP Request  Request Line  Request Method  Requested Resource  HTTP Version used  Headers  General Headers  Request Headers  Entity Headers  Content (Optional)
  • 47. The Communication: HTTP Response  Status Line  HTTP version the server uses for the response  Status code (3 digit numerical value)  Reason phrase (status description)  Headers  General Headers  Response Headers  Entity Headers  Content (Optional)
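The exchange on the "GET / ... 200 OK ... GET /js.js" slides, and the request/response layout on the two slides above, as one added example that is not part of the original talk: it serialises requests, frames messages by Content-Length, and answers them on a single keep-alive connection. The host name null.co.in is the one used on the slides; the file contents, the 404 body and all function names are constructed for the demo, and nothing touches the network.

```python
# Added example (not from the original slides): one HTTP/1.1 "conversation" on a
# single keep-alive TCP connection, framed the way the "GET / ... 200 OK ...
# GET /js.js" slides show it.  Everything is constructed in memory so it runs
# offline; the file contents below are invented for the demo.

CRLF = b"\r\n"

# Constructed "document root" of the demo server (not a real site).
FILES = {
    "/": (b"text/html", b"<html><script src=js.js></script><img src=pic.jpg></html>"),
    "/js.js": (b"application/javascript", b"console.log('hello');"),
}


def build_request(method, path, host, headers=None, body=b""):
    """Serialise a request: request line, headers, empty line, optional body.
    Host is mandatory in HTTP/1.1 (RFC 2616 14.23); Content-Length is added
    whenever a body is present so the receiver can frame the message."""
    hdrs = {"Host": host}
    hdrs.update(headers or {})
    if body:
        hdrs["Content-Length"] = str(len(body))
    lines = [f"{method} {path} HTTP/1.1".encode("ascii")]
    lines += [f"{k}: {v}".encode("ascii") for k, v in hdrs.items()]
    return CRLF.join(lines) + CRLF + CRLF + body


def build_response(code, reason, body, content_type=b"text/plain"):
    """Serialise a response: status line, headers, empty line, body."""
    head = [f"HTTP/1.1 {code} {reason}".encode("ascii"),
            b"Content-Type: " + content_type,
            b"Content-Length: " + str(len(body)).encode("ascii")]
    return CRLF.join(head) + CRLF + CRLF + body


def parse_message(buf):
    """Pull one complete message (request or response) off the front of buf.
    Returns (start_line, headers, body, remaining) or None if more bytes are
    needed.  Body length is taken from Content-Length only; chunked
    transfer-coding is deliberately out of scope for this example."""
    end = buf.find(CRLF + CRLF)
    if end < 0:
        return None                       # head not complete yet
    head, rest = buf[:end], buf[end + 4:]
    lines = head.split(CRLF)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        # Header names are case-insensitive (RFC 2616 4.2): normalise to lower.
        headers[name.strip().decode("ascii").lower()] = value.strip().decode("latin-1")
    length = int(headers.get("content-length", "0"))
    if len(rest) < length:
        return None                       # body not fully received yet
    return lines[0].decode("ascii"), headers, rest[:length], rest[length:]


def status_category(code):
    """Map a status code to its RFC 2616 class (1xx..5xx) by its first digit."""
    return {1: "Informational", 2: "Successful", 3: "Redirection",
            4: "Client Error", 5: "Server Error"}[code // 100]


def serve(wire_in):
    """Server side: answer every request found in the byte stream.  HTTP is
    stateless, so each request is handled with no memory of the previous one."""
    wire_out, buf = b"", wire_in
    while True:
        msg = parse_message(buf)
        if msg is None:
            break
        request_line, _hdrs, _body, buf = msg
        method, path, _version = request_line.split(" ")
        if method != "GET" or path not in FILES:
            wire_out += build_response(404, "Not Found", b"no such file")
        else:
            ctype, content = FILES[path]
            wire_out += build_response(200, "OK", content, ctype)
    return wire_out


def browse(host, paths):
    """Client side: send all requests on one connection, then split the server's
    reply stream back into responses by Content-Length.  Returns a list of
    (status code, category, content-type, body) in request order."""
    wire_out = b"".join(build_request("GET", p, host) for p in paths)
    wire_in = serve(wire_out)             # stands in for the TCP round trip
    results = []
    while wire_in:
        status_line, hdrs, body, wire_in = parse_message(wire_in)
        _version, code, _reason = status_line.split(" ", 2)
        code = int(code)
        results.append((code, status_category(code), hdrs.get("content-type"), body))
    return results


if __name__ == "__main__":
    for r in browse("null.co.in", ["/", "/js.js", "/pic.jpg"]):
        print(r)
```

The framing rule is the security-relevant part: both sides must agree on exactly where one message ends and the next begins, or a proxy and an origin server will read different requests out of the same bytes. This parser trusts Content-Length alone; deciding what wins when Content-Length and Transfer-Encoding disagree is precisely the ambiguity behind HTTP request smuggling, which is why it is left out rather than half-implemented.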
  • 48. Agenda  Intro: What & Why???  OSI model: Back to the basics  10000 feet view: How the web works  RFC 2616: Anatomy  RFC 2965: Handling Statelessness http://www.saynotocrack.com/wp-content/uploads/2007/06/flinstones-anatomy.jpg
  • 49. Anatomy  HTTP Request and Response are comprised of various components:  Request Methods  Response Status Codes  Request Headers  Response Headers  General Headers  Entity Headers  Content (MIME Media Types)
  • 50. Anatomy: Request Methods  Humans can convey emotions in several ways  Why should HTTP clients lag!!!  HTTP methods describe the type of communication GET POST HEAD OPTIONS TRACE PUT DELETE CONNECT  RFC 2616 9.1 defines GET and HEAD as safe (no side effects) and GET, HEAD, PUT, DELETE, OPTIONS and TRACE as idempotent, so state-changing actions belong in POST/PUT/DELETE, never behind a GET
  • 51. Anatomy: Response Status Codes  Indicate the server’s mood corresponding to a request  Combination of a numerical code, and a short description  Can be categorized in 5 categories:  1xx -- Informational  2xx -- Successful  3xx -- Redirection  4xx -- Client Error  5xx -- Server Error
  • 52. Anatomy: Request Headers  Specific to an HTTP Request  Carry information about the client, and the type of request  Facilitate better understanding between client and server: Host, Accept, Accept-Charset, Accept-Encoding, Accept-Language, User-Agent, Referer, From, Authorization, Proxy-Authorization, Expect, Max-Forwards, TE, Range, If-Match, If-None-Match, If-Modified-Since, If-Unmodified-Since, If-Range
  • 53. Anatomy: Response Headers  Specific to an HTTP Response  Carry information about the server, and the type of response Accept-Ranges ETag Retry-After WWW-Authenticate Age Location Server Proxy-Authenticate Vary
  • 54. Anatomy: General Headers  Carry information about the HTTP transaction  Can be a part of request, as well as response Cache-Control Keep-Alive Pragma Via Connection Upgrade Trailer Warning Transfer-Encoding Date
  • 55. Anatomy: Entity Headers  Carry information about the content  Mainly a part of HTTP response, but also present in any request that carries a body (a POST sends Content-Type and Content-Length) Allow Content-Language Content-Location Content-Range Content-Encoding Content-Length Content-MD5 Content-Type Expires Last-Modified
  • 56. Anatomy: Content  IANA maintains a list of valid content types  It is specified by the Content-Type Entity header  Categorized in 9 MIME Media types: application audio example image message model multipart text video
  • 57. Agenda  Intro: What & Why???  OSI model: Back to the basics  10000 feet view: How the web works  RFC 2616: Anatomy  RFC 2965: Handling Statelessness
  • 58. Handling Statelessness  HTTP is a stateless protocol
  • 59. Handling Statelessness  HTTP is a stateless protocol  i.e., server’s got a bad memory
  • 60. Handling Statelessness  Cookies to rescue http://www.flickr.com/photos/lij/283869088/
  • 61. Handling Statelessness  Cookies:  are small name=value records that the server sets with a Set-Cookie header and the browser stores and sends back on later requests in a Cookie header  maintain session by carrying a session identifier (or other state) across otherwise unrelated requests  are data, not code: non-executable
  • 62. Handling Statelessness  Cookie attributes:  name=value  expires=value  domain=value  path=value  Secure (send only over HTTPS)  HttpOnly (not readable from script) -- not a part of RFC 2965; standardised later in RFC 6265
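The attribute list above, as an added example that is not part of the original talk: parse a Set-Cookie header, decide whether a browser would send the cookie back on a given later request (domain, path, expiry and Secure all have to agree), and run the checks a reviewer applies to a session cookie. The host names, cookie names and values are constructed for the demo, and the function names are mine, not anything from the talk or from RFC 2965.

```python
# Added example (not from the original slides): parse a Set-Cookie header into
# the attributes listed above, decide whether a browser would send the cookie
# back on a later request, and flag the attributes a session cookie should
# carry.  Host names, cookie names and values are constructed for the demo.
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime
from urllib.parse import urlsplit


def parse_set_cookie(header, origin_host):
    """Turn one Set-Cookie header value into a dict.  origin_host is the host
    that sent it: without a Domain attribute the cookie is 'host-only' and
    goes back to that exact host, not to its subdomains."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    cookie = {"name": name.strip(), "value": value.strip(),
              "expires": None,                 # None => session cookie
              "domain": origin_host.lower(), "host_only": True,
              "path": "/", "secure": False, "httponly": False}
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key, val = key.strip().lower(), val.strip()
        if key == "expires":
            cookie["expires"] = parsedate_to_datetime(val)   # RFC 1123 date
        elif key == "domain" and val:
            cookie["domain"] = val.lstrip(".").lower()       # ".a.b" == "a.b"
            cookie["host_only"] = False
        elif key == "path" and val.startswith("/"):
            cookie["path"] = val
        elif key == "secure":
            cookie["secure"] = True
        elif key == "httponly":
            cookie["httponly"] = True
    return cookie


def _path_match(request_path, cookie_path):
    """Cookie path matching: the request path must equal the cookie path, or
    extend it at a '/' boundary ("/admin" matches "/admin/x", not "/admins")."""
    if request_path == cookie_path:
        return True
    if not request_path.startswith(cookie_path):
        return False
    return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"


def should_send(cookie, url, now):
    """Would the browser attach this cookie to a request for url at time now?"""
    u = urlsplit(url)
    host = (u.hostname or "").lower()
    path = u.path or "/"
    if cookie["expires"] is not None and cookie["expires"] <= now:
        return False                                  # expired
    if cookie["host_only"]:
        if host != cookie["domain"]:
            return False                              # exact host only
    elif host != cookie["domain"] and not host.endswith("." + cookie["domain"]):
        return False                                  # domain mismatch
    if not _path_match(path, cookie["path"]):
        return False
    if cookie["secure"] and u.scheme != "https":
        return False                                  # Secure: HTTPS only
    return True


def audit_session_cookie(cookie):
    """Checks a practitioner makes on a session cookie; returns the findings."""
    findings = []
    if not cookie["secure"]:
        findings.append("missing Secure: cookie is sent over plain HTTP")
    if not cookie["httponly"]:
        findings.append("missing HttpOnly: cookie is readable from script")
    if not cookie["host_only"]:
        findings.append("Domain set: cookie is shared with every subdomain of "
                        + cookie["domain"])
    return findings


if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    c = parse_set_cookie("SESSIONID=abc123; Path=/; Secure; HttpOnly", "null.co.in")
    print(should_send(c, "https://null.co.in/login", now), audit_session_cookie(c))
```

Two of the branches are worth noticing. A cookie with no Domain attribute is host-only, so www.null.co.in never receives a cookie that null.co.in set, while Domain=null.co.in hands the cookie to every subdomain, which is the finding the audit reports. Path matching is a prefix match at a "/" boundary, so Path=/admin does not leak to /administrator.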
  • 63. Conclusion The single biggest problem in communication is the illusion… that it has taken place. --George Bernard Shaw
  • 64. Conclusion The single biggest problem in communication is the illusion… that it has taken place. --George Bernard Shaw  Think about it 
  • 65. Q&A!!!  Got queries? Raise your hands.
  • 66.  Arigato!   Contact info:  Om—At—[projectbee.org/null.co.in]  http://projectbee.org/  Twitter - @bipinu  Flickr -- projectbee

Editor's notes

  1. http://www.jellymuffin.com/generators/fordummies/
  2. http://i194.photobucket.com/albums/z202/CopyDat/copycat%20stuff/kung-fu.jpg