SlideShare ist ein Scribd-Unternehmen logo

Web tech 101

Dan Phiffer
Dan Phiffer
Technologie
1 von 39
Downloaden Sie, um offline zu lesen
Web Tech 101 ITP Camp • June 6, 2010 Dan Phiffer • phiffer.org
Hi! • I’m Dan, ITP alum 2007 • Projects I’ve worked on: ShiftSpace, You Are Not Here, Atlas Gloves • More recently: MoMA.org, Future Archaeology, photography
Agenda • Big picture stuff • Client-side • Server-side • Data storage • AJAX & Comet
Big picture • The web is about clients talking to servers • The language is HTTP • Invented by (Sir) Tim Berners-Lee • Mosaic browser released in 1993 • Graphical-based web is a teenager
Web client • Being a client is all about asking for stuff • Clients make HTTP requests, get back data • Data is turned into webpages, podcasts, iPhone apps, etc.
Web server • Being a server is all about giving stuff out • Servers get an HTTP request, send data • Once data is sent, job is done (mostly)
How does it work? ...
Miracles!
How you get stuff GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0
The request GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Initiated by a browser, the web client Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0
The response GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0 The site’s web server decides how to treat the request
Headers GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0 Both the request and response include headers of the form key: value¬
Request method GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0
Request method GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 GET + POST are the request Cache-Control: private, max-age=0 methods we care about Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws GET HEAD Content-Length: 3533 POST TRACE X-XSS-Protection: 0 PUT OPTIONS DELETE CONNECT
Request path GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0
Request path GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Other path examples Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 /page.html Content-Encoding: gzip /?q=cat%20pictures&btn=... Server: gws /images/title.png Content-Length: 3533 X-XSS-Protection: 0 /2009/10/19/naval-gazing
Status code GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0
Status code GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Common status codes Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 200 OK Content-Encoding: gzip 302 Found Server: gws 304 Not modified Content-Length: 3533 X-XSS-Protection: 0 404 Not found 500 Server error
The page HTML GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0 <!doctype html><html><head><meta http-equiv="content-type" content="text/ html; charset=UTF-8"><title>Google</title>...
The page HTML GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0 <!doctype html><html><head><meta http-equiv="content-type" content="text/ html; charset=UTF-8"><title>Google</title>...
Repeat for each file The same HTTP request, response process is repeated for each of the six files that compose this Google page view
Client-side • Required Firefox add-on, Firebug • HTML • Element <div id="bar">...</div> • Attribute <div id="bar">...</div> • CSS • Selector #bar { font-weight: bold; } • Property #bar { font-weight: bold; }
JavaScript • Simple, flexible, and slightly weird • C-like syntax, inspired by Self and Lisp • See also: Ecmascript, Dynamic-HTML (DHTML), AJAX, Comet • Uses the Document Object Model (DOM) API • Frameworks (Prototype, jQuery, Dojo, MooTools, etc.) abstract the DOM away
Hello, world! <script type="text/javascript"> alert('yo'); </script>
External .js files <script src="yo.js" type="text/javascript"> </script>
JavaScript links • O’Reilly Rhino book • Mozilla’s JavaScript Reference • Eloquent JavaScript tutorial • jQuery tutorials • MooTools “mootorial”
Flash • First: Animated movies! On the internets! • Then: interactive swishy things! Fun! • Now: Videos! On the internets!
Flash is essential for... • Sound (stream an MP3 file) • Full screen • Brochure-ware (a’la nike.com) • sIFR (use any font, consistently) • Various other things (multi-file uploads, quasi-WebSockets, annoying advertising)
Flash <embeds> • Popular way to embed videos • Embeds are over-complicated and often don’t pass validation • I like the SWFObject library, or Swiff utility in MooTools
HTML5 • Not really a “Flash-killer” • Collection of new HTML standards • <canvas> for graphics • <video> and <audio> for media • Plus a whole lot of other stuff
Why HTML5 is good • Vendor-driven instead of standards-driven • Open process with a single guiding vision (Ian Hickson from Google) • See: Dive Into HTML5
Server-side • Languages: PHP, Ruby, Python, Java, C# • Frameworks: Ruby on Rails, Django, CakePHP, Symfony, .NET, WordPress • Some crazy people even write JavaScript on the server-side
PHP • Quick & dirty workhorse • Upload a .php file, load it in a browser, done! • Good for small websites
Ruby on Rails • More “fussy” and “magical” • Relies on Model/View/Controller pattern • The Passenger/mod_rails project makes it work nicely on the Apache web server • Good for medium-sized projects
Java • I don’t know much about Java • More enterprise-y • Good for big sites
Data storage • Data stores keep data & code separate • MySQL, PostgreSQL, SQL Server are relational databases (RDBMS) and use SQL • CouchDB and others known as “no-SQL” are gaining traction • SQL is more established, but not as simple to learn
AJAX • Stands for: Asynchronous JavaScript & XML • Invented by Microsoft, popularized by Adaptive Path • Synonymous with interactive JavaScript • Put more stuff onto the page without reloading the whole page
Comet • Used for things like GMail & Facebook chat • Allows the server to send you data • Still mostly faking it with long polling • New standard called WebSockets is in the works
Thanks! • Send me email: dan@phiffer.org • Catch me on Twitter: @dphiffer • Talk to me in the lounge!

Empfohlen

Rawnet Lightning talk 'How the Internet Works'
Rawnet Lightning talk 'How the Internet Works'Rawnet Lightning talk 'How the Internet Works'
Rawnet Lightning talk 'How the Internet Works'Rawnet
 
Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018Codemotion
 
Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018Thijs Feryn
 
Help, my browser is leaking! Exploring XSLeaks attacks and defenses - Tom Van...
Help, my browser is leaking! Exploring XSLeaks attacks and defenses - Tom Van...Help, my browser is leaking! Exploring XSLeaks attacks and defenses - Tom Van...
Help, my browser is leaking! Exploring XSLeaks attacks and defenses - Tom Van...NoNameCon
 
Hidden Gems in HTTP
Hidden Gems in HTTPHidden Gems in HTTP
Hidden Gems in HTTPBen Ramsey
 
Ethernet Shield
Ethernet ShieldEthernet Shield
Ethernet ShieldTinker
 
HTTP/2 - How it's changing web performance
HTTP/2 - How it's changing web performanceHTTP/2 - How it's changing web performance
HTTP/2 - How it's changing web performanceMateus Prado
 
How our computers connect to facebook
How our computers connect to facebookHow our computers connect to facebook
How our computers connect to facebookYiKuo3
 

Empfohlen

Rawnet Lightning talk 'How the Internet Works'
Rawnet Lightning talk 'How the Internet Works'Rawnet Lightning talk 'How the Internet Works'
Rawnet Lightning talk 'How the Internet Works'Rawnet
 
Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Thijs Feryn - Codemotion Rome 2018Codemotion
 
Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018
Leverage HTTP to deliver cacheable websites - Codemotion Rome 2018Thijs Feryn
 
Help, my browser is leaking! Exploring XSLeaks attacks and defenses - Tom Van...
Help, my browser is leaking! Exploring XSLeaks attacks and defenses - Tom Van...Help, my browser is leaking! Exploring XSLeaks attacks and defenses - Tom Van...
Help, my browser is leaking! Exploring XSLeaks attacks and defenses - Tom Van...NoNameCon
 
Hidden Gems in HTTP
Hidden Gems in HTTPHidden Gems in HTTP
Hidden Gems in HTTPBen Ramsey
 
Ethernet Shield
Ethernet ShieldEthernet Shield
Ethernet ShieldTinker
 
HTTP/2 - How it's changing web performance
HTTP/2 - How it's changing web performanceHTTP/2 - How it's changing web performance
HTTP/2 - How it's changing web performanceMateus Prado
 
How our computers connect to facebook
How our computers connect to facebookHow our computers connect to facebook
How our computers connect to facebookYiKuo3
 
HTTP/2 (2017)
HTTP/2 (2017)HTTP/2 (2017)
HTTP/2 (2017)Christian Mäder
 
DEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacksDEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacksFelipe Prado
 
Pushing the web — WebSockets
Pushing the web — WebSocketsPushing the web — WebSockets
Pushing the web — WebSocketsRoland M
 
Scrip queue tree
Scrip queue treeScrip queue tree
Scrip queue treeMarco Arias
 
HAProxy scale out using open source
HAProxy scale out using open sourceHAProxy scale out using open source
HAProxy scale out using open sourceIngo Walz
 
Krzysztof Kotowicz - Hacking HTML5
Krzysztof Kotowicz - Hacking HTML5Krzysztof Kotowicz - Hacking HTML5
Krzysztof Kotowicz - Hacking HTML5DefconRussia
 
Developing cacheable PHP applications - PHPLimburgBE 2018
Developing cacheable PHP applications - PHPLimburgBE 2018Developing cacheable PHP applications - PHPLimburgBE 2018
Developing cacheable PHP applications - PHPLimburgBE 2018Thijs Feryn
 
Websockets in Node.js - Making them reliable and scalable
Websockets in Node.js - Making them reliable and scalableWebsockets in Node.js - Making them reliable and scalable
Websockets in Node.js - Making them reliable and scalableGareth Marland
 
Server-Side JavaScript Developement - Node.JS Quick Tour
Server-Side JavaScript Developement - Node.JS Quick TourServer-Side JavaScript Developement - Node.JS Quick Tour
Server-Side JavaScript Developement - Node.JS Quick Tourq3boy
 
SPDY - or maybe HTTP2.0
SPDY - or maybe HTTP2.0SPDY - or maybe HTTP2.0
SPDY - or maybe HTTP2.0Andreas Bjärlestam
 
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...Michele Orru
 
WebSockets with PHP: Mission impossible
WebSockets with PHP: Mission impossibleWebSockets with PHP: Mission impossible
WebSockets with PHP: Mission impossibleYoan-Alexander Grigorov
 
Socket programming with php
Socket programming with phpSocket programming with php
Socket programming with phpElizabeth Smith
 
Node JS
Node JSNode JS
Node JSYnon Perek
 
Php Inside - confoo 2011 - Derick Rethans
Php Inside - confoo 2011 - Derick RethansPhp Inside - confoo 2011 - Derick Rethans
Php Inside - confoo 2011 - Derick RethansBachkoutou Toutou
 
Introduction to WebSockets
Introduction to WebSocketsIntroduction to WebSockets
Introduction to WebSocketsGunnar Hillert
 
OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and Ave
OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and AveOWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and Ave
OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and AveCheckmarx
 
Php push notifications
Php push notificationsPhp push notifications
Php push notificationsMohammed Shurrab
 
Hosting Client Websites on a WordPress Multisite Network
Hosting Client Websites on a WordPress Multisite NetworkHosting Client Websites on a WordPress Multisite Network
Hosting Client Websites on a WordPress Multisite Networkpeterwilsoncc
 
Elastic stack
Elastic stackElastic stack
Elastic stackMinsoo Jun
 
Static layouts with css
Static layouts with cssStatic layouts with css
Static layouts with cssDan Phiffer
 
Word press templates
Word press templatesWord press templates
Word press templatesDan Phiffer
 

Weitere ähnliche Inhalte

Was ist angesagt?

DEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacksDEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacksFelipe Prado
 
Pushing the web — WebSockets
Pushing the web — WebSocketsPushing the web — WebSockets
Pushing the web — WebSocketsRoland M
 
Scrip queue tree
Scrip queue treeScrip queue tree
Scrip queue treeMarco Arias
 
HAProxy scale out using open source
HAProxy scale out using open sourceHAProxy scale out using open source
HAProxy scale out using open sourceIngo Walz
 
Krzysztof Kotowicz - Hacking HTML5
Krzysztof Kotowicz - Hacking HTML5Krzysztof Kotowicz - Hacking HTML5
Krzysztof Kotowicz - Hacking HTML5DefconRussia
 
Developing cacheable PHP applications - PHPLimburgBE 2018
Developing cacheable PHP applications - PHPLimburgBE 2018Developing cacheable PHP applications - PHPLimburgBE 2018
Developing cacheable PHP applications - PHPLimburgBE 2018Thijs Feryn
 
Websockets in Node.js - Making them reliable and scalable
Websockets in Node.js - Making them reliable and scalableWebsockets in Node.js - Making them reliable and scalable
Websockets in Node.js - Making them reliable and scalableGareth Marland
 
Server-Side JavaScript Developement - Node.JS Quick Tour
Server-Side JavaScript Developement - Node.JS Quick TourServer-Side JavaScript Developement - Node.JS Quick Tour
Server-Side JavaScript Developement - Node.JS Quick Tourq3boy
 
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...Michele Orru
 
Socket programming with php
Socket programming with phpSocket programming with php
Socket programming with phpElizabeth Smith
 
Php Inside - confoo 2011 - Derick Rethans
Php Inside - confoo 2011 - Derick RethansPhp Inside - confoo 2011 - Derick Rethans
Php Inside - confoo 2011 - Derick RethansBachkoutou Toutou
 
Introduction to WebSockets
Introduction to WebSocketsIntroduction to WebSockets
Introduction to WebSocketsGunnar Hillert
 
OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and Ave
OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and AveOWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and Ave
OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and AveCheckmarx
 
Hosting Client Websites on a WordPress Multisite Network
Hosting Client Websites on a WordPress Multisite NetworkHosting Client Websites on a WordPress Multisite Network
Hosting Client Websites on a WordPress Multisite Networkpeterwilsoncc
 

Was ist angesagt? (20)

HTTP/2 (2017)
HTTP/2 (2017)HTTP/2 (2017)
HTTP/2 (2017)
 
DEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacksDEF CON 27- ALBINOWAX - http desync attacks
DEF CON 27- ALBINOWAX - http desync attacks
 
Pushing the web — WebSockets
Pushing the web — WebSocketsPushing the web — WebSockets
Pushing the web — WebSockets
 
Scrip queue tree
Scrip queue treeScrip queue tree
Scrip queue tree
 
HAProxy scale out using open source
HAProxy scale out using open sourceHAProxy scale out using open source
HAProxy scale out using open source
 
Krzysztof Kotowicz - Hacking HTML5
Krzysztof Kotowicz - Hacking HTML5Krzysztof Kotowicz - Hacking HTML5
Krzysztof Kotowicz - Hacking HTML5
 
Developing cacheable PHP applications - PHPLimburgBE 2018
Developing cacheable PHP applications - PHPLimburgBE 2018Developing cacheable PHP applications - PHPLimburgBE 2018
Developing cacheable PHP applications - PHPLimburgBE 2018
 
Websockets in Node.js - Making them reliable and scalable
Websockets in Node.js - Making them reliable and scalableWebsockets in Node.js - Making them reliable and scalable
Websockets in Node.js - Making them reliable and scalable
 
Server-Side JavaScript Developement - Node.JS Quick Tour
Server-Side JavaScript Developement - Node.JS Quick TourServer-Side JavaScript Developement - Node.JS Quick Tour
Server-Side JavaScript Developement - Node.JS Quick Tour
 
SPDY - or maybe HTTP2.0
SPDY - or maybe HTTP2.0SPDY - or maybe HTTP2.0
SPDY - or maybe HTTP2.0
 
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...
 
WebSockets with PHP: Mission impossible
WebSockets with PHP: Mission impossibleWebSockets with PHP: Mission impossible
WebSockets with PHP: Mission impossible
 
Socket programming with php
Socket programming with phpSocket programming with php
Socket programming with php
 
Node JS
Node JSNode JS
Node JS
 
Php Inside - confoo 2011 - Derick Rethans
Php Inside - confoo 2011 - Derick RethansPhp Inside - confoo 2011 - Derick Rethans
Php Inside - confoo 2011 - Derick Rethans
 
Introduction to WebSockets
Introduction to WebSocketsIntroduction to WebSockets
Introduction to WebSockets
 
OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and Ave
OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and AveOWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and Ave
OWASP Top 10 - Checkmarx Presentation at Polytechnic Institute of Cávado and Ave
 
Php push notifications
Php push notificationsPhp push notifications
Php push notifications
 
Hosting Client Websites on a WordPress Multisite Network
Hosting Client Websites on a WordPress Multisite NetworkHosting Client Websites on a WordPress Multisite Network
Hosting Client Websites on a WordPress Multisite Network
 
Elastic stack
Elastic stackElastic stack
Elastic stack
 

Andere mochten auch

Static layouts with css
Static layouts with cssStatic layouts with css
Static layouts with cssDan Phiffer
 
Word press templates
Word press templatesWord press templates
Word press templatesDan Phiffer
 
Intro to word press
Intro to word pressIntro to word press
Intro to word pressDan Phiffer
 
Intro to JavaScript
Intro to JavaScriptIntro to JavaScript
Intro to JavaScriptDan Phiffer
 
The Outcome Economy
The Outcome EconomyThe Outcome Economy
The Outcome EconomyHelge Tennø
 

Andere mochten auch (8)

Static layouts with css
Static layouts with cssStatic layouts with css
Static layouts with css
 
Word press templates
Word press templatesWord press templates
Word press templates
 
Intro to word press
Intro to word pressIntro to word press
Intro to word press
 
The web context
The web contextThe web context
The web context
 
Occupy.here
Occupy.hereOccupy.here
Occupy.here
 
Intro to JavaScript
Intro to JavaScriptIntro to JavaScript
Intro to JavaScript
 
Diving into php
Diving into phpDiving into php
Diving into php
 
The Outcome Economy
The Outcome EconomyThe Outcome Economy
The Outcome Economy
 

Ähnlich wie Web tech 101

Metodologias de Programação IV - Aula 4, Secção 2 - Suporte para sessões no p...
Metodologias de Programação IV - Aula 4, Secção 2 - Suporte para sessões no p...Metodologias de Programação IV - Aula 4, Secção 2 - Suporte para sessões no p...
Metodologias de Programação IV - Aula 4, Secção 2 - Suporte para sessões no p...Leonel Morgado
 
Web Application Security 101 - 02 The Basics
Web Application Security 101 - 02 The BasicsWeb Application Security 101 - 02 The Basics
Web Application Security 101 - 02 The BasicsWebsecurify
 
IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."
IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."
IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."Dongwook Lee
 
Http
HttpHttp
HttpNEATS
 
20190516 web security-basic
20190516 web security-basic20190516 web security-basic
20190516 web security-basicMksYi
 
Cache is king
Cache is kingCache is king
Cache is kingedrone
 
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)Ericom Software
 
REST and JAX-RS
REST and JAX-RSREST and JAX-RS
REST and JAX-RSGuy Nir
 
Type URL, Enter, and Then …
Type URL, Enter, and Then …Type URL, Enter, and Then …
Type URL, Enter, and Then …Jinglun Li
 
Computer network (10)
Computer network (10)Computer network (10)
Computer network (10)NYversity
 
How HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itHow HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itNils De Moor
 
How HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itHow HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itWoorank
 
2. [Daily hack] Citrix_waf_bypass
2. [Daily hack] Citrix_waf_bypass2. [Daily hack] Citrix_waf_bypass
2. [Daily hack] Citrix_waf_bypassdefconmoscow
 
HTTP Basic - PHP
HTTP Basic - PHPHTTP Basic - PHP
HTTP Basic - PHPSulaeman .
 
Under the Covers with the Web
Under the Covers with the WebUnder the Covers with the Web
Under the Covers with the WebTrevor Lohrbeer
 

Ähnlich wie Web tech 101 (20)

Metodologias de Programação IV - Aula 4, Secção 2 - Suporte para sessões no p...
Metodologias de Programação IV - Aula 4, Secção 2 - Suporte para sessões no p...Metodologias de Programação IV - Aula 4, Secção 2 - Suporte para sessões no p...
Metodologias de Programação IV - Aula 4, Secção 2 - Suporte para sessões no p...
 
Web Application Security 101 - 02 The Basics
Web Application Security 101 - 02 The BasicsWeb Application Security 101 - 02 The Basics
Web Application Security 101 - 02 The Basics
 
IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."
IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."
IBM dwLive, "Internet & HTTP - 잃어버린 패킷을 찾아서..."
 
Client–server model
Client–server modelClient–server model
Client–server model
 
Http
HttpHttp
Http
 
20190516 web security-basic
20190516 web security-basic20190516 web security-basic
20190516 web security-basic
 
Cgi
CgiCgi
Cgi
 
HTTP
HTTPHTTP
HTTP
 
Cache is king
Cache is kingCache is king
Cache is king
 
Cache is the king
Cache is the kingCache is the king
Cache is the king
 
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
WebSockets Everywhere: the Future Transport Protocol for Everything (Almost)
 
Introduction HTTP via cURL
Introduction HTTP via cURLIntroduction HTTP via cURL
Introduction HTTP via cURL
 
REST and JAX-RS
REST and JAX-RSREST and JAX-RS
REST and JAX-RS
 
Type URL, Enter, and Then …
Type URL, Enter, and Then …Type URL, Enter, and Then …
Type URL, Enter, and Then …
 
Computer network (10)
Computer network (10)Computer network (10)
Computer network (10)
 
How HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itHow HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know it
 
How HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know itHow HTTP/2 will change the web as we know it
How HTTP/2 will change the web as we know it
 
2. [Daily hack] Citrix_waf_bypass
2. [Daily hack] Citrix_waf_bypass2. [Daily hack] Citrix_waf_bypass
2. [Daily hack] Citrix_waf_bypass
 
HTTP Basic - PHP
HTTP Basic - PHPHTTP Basic - PHP
HTTP Basic - PHP
 
Under the Covers with the Web
Under the Covers with the WebUnder the Covers with the Web
Under the Covers with the Web
 

Kürzlich hochgeladen

Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 

Kürzlich hochgeladen (20)

Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 

Web tech 101

  • 1. Web Tech 101 ITP Camp • June 6, 2010 Dan Phiffer • phiffer.org
  • 2. Hi! • I’m Dan, ITP alum 2007 • Projects I’ve worked on: ShiftSpace, You Are Not Here, Atlas Gloves • More recently: MoMA.org, Future Archaeology, photography
  • 3. Agenda • Big picture stuff • Client-side • Server-side • Data storage • AJAX & Comet
  • 4. Big picture • The web is about clients talking to servers • The language is HTTP • Invented by (Sir) Tim Berners-Lee • Mosaic browser released in 1993 • Graphical-based web is a teenager
  • 5. Web client • Being a client is all about asking for stuff • Clients make HTTP requests, get back data • Data is turned into webpages, podcasts, iPhone apps, etc.
  • 6. Web server • Being a server is all about giving stuff out • Servers get an HTTP request, send data • Once data is sent, job is done (mostly)
  • 7. How does it work? ...
  • 9. How you get stuff GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0
  • 10. The request GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Initiated by a browser, the web client Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0
  • 11. The response GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0 The site’s web server decides how to treat the request
  • 12. Headers GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0 Both the request and response include headers of the form key: value¬
  • 13. Request method GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0
  • 14. Request method GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 GET + POST are the request Cache-Control: private, max-age=0 methods we care about Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws GET HEAD Content-Length: 3533 POST TRACE X-XSS-Protection: 0 PUT OPTIONS DELETE CONNECT
  • 15. Request path GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0
  • 16. Request path GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Other path examples Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 /page.html Content-Encoding: gzip /?q=cat%20pictures&btn=... Server: gws /images/title.png Content-Length: 3533 X-XSS-Protection: 0 /2009/10/19/naval-gazing
  • 17. Status code GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0
  • 18. Status code GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Common status codes Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 200 OK Content-Encoding: gzip 302 Found Server: gws 304 Not modified Content-Length: 3533 X-XSS-Protection: 0 404 Not found 500 Server error
  • 19. The page HTML GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0 <!doctype html><html><head><meta http-equiv="content-type" content="text/ html; charset=UTF-8"><title>Google</title>...
  • 20. The page HTML GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;... Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: PREF=ID=1b1e370406541f31:U=cbfc7563400e91be:LD=en:NR=10:TM=12546... HTTP/1.x 200 OK Date: Sun, 18 Oct 2009 23:43:31 GMT Expires: -1 Cache-Control: private, max-age=0 Content-Type: text/html; charset=UTF-8 Content-Encoding: gzip Server: gws Content-Length: 3533 X-XSS-Protection: 0 <!doctype html><html><head><meta http-equiv="content-type" content="text/ html; charset=UTF-8"><title>Google</title>...
  • 21. Repeat for each file The same HTTP request, response process is repeated for each of the six files that compose this Google page view
  • 22. Client-side • Required Firefox add-on, Firebug • HTML • Element <div id="bar">...</div> • Attribute <div id="bar">...</div> • CSS • Selector #bar { font-weight: bold; } • Property #bar { font-weight: bold; }
  • 23. JavaScript • Simple, flexible, and slightly weird • C-like syntax, inspired by Self and Lisp • See also: Ecmascript, Dynamic-HTML (DHTML), AJAX, Comet • Uses the Document Object Model (DOM) API • Frameworks (Prototype, jQuery, Dojo, MooTools, etc.) abstract the DOM away
  • 25. External .js files <script src="yo.js" type="text/javascript"> </script>
  • 26. JavaScript links • O’Reilly Rhino book • Mozilla’s JavaScript Reference • Eloquent JavaScript tutorial • jQuery tutorials • MooTools “mootorial”
  • 27. Flash • First: Animated movies! On the internets! • Then: interactive swishy things! Fun! • Now: Videos! On the internets!
  • 28. Flash is essential for... • Sound (stream an MP3 file) • Full screen • Brochure-ware (a’la nike.com) • sIFR (use any font, consistently) • Various other things (multi-file uploads, quasi-WebSockets, annoying advertising)
  • 29. Flash <embeds> • Popular way to embed videos • Embeds are over-complicated and often don’t pass validation • I like the SWFObject library, or Swiff utility in MooTools
  • 30. HTML5 • Not really a “Flash-killer” • Collection of new HTML standards • <canvas> for graphics • <video> and <audio> for media • Plus a whole lot of other stuff
  • 31. Why HTML5 is good • Vendor-driven instead of standards-driven • Open process with a single guiding vision (Ian Hickson from Google) • See: Dive Into HTML5
  • 32. Server-side • Languages: PHP, Ruby, Python, Java, C# • Frameworks: Ruby on Rails, Django, CakePHP, Symfony, .NET, WordPress • Some crazy people even write JavaScript on the server-side
  • 33. PHP • Quick & dirty workhorse • Upload a .php file, load it in a browser, done! • Good for small websites
  • 34. Ruby on Rails • More “fussy” and “magical” • Relies on Model/View/Controller pattern • The Passenger/mod_rails project makes it work nicely on the Apache web server • Good for medium-sized projects
  • 35. Java • I don’t know much about Java • More enterprise-y • Good for big sites
  • 36. Data storage • Data stores keep data & code separate • MySQL, PostgreSQL, SQL Server are relational databases (RDBMS) and use SQL • CouchDB and others known as “no-SQL” are gaining traction • SQL is more established, but not as simple to learn
  • 37. AJAX • Stands for: Asynchronous JavaScript & XML • Invented by Microsoft, popularized by Adaptive Path • Synonymous with interactive JavaScript • Put more stuff onto the page without reloading the whole page
  • 38. Comet • Used for things like GMail & Facebook chat • Allows the server to send you data • Still mostly faking it with long polling • New standard called WebSockets is in the works
  • 39. Thanks! • Send me email: dan@phiffer.org • Catch me on Twitter: @dphiffer • Talk to me in the lounge!