Under the Bonnet - PowerPoint PPT Presentation

1 / 24
About This Presentation
Title:

Under the Bonnet

Description:

Typing amazon.co.uk into my browser immediately brought back that personalised welcome screen ... myshop.co.uk/session123456/basket.jsp. Best used to store a ... – PowerPoint PPT presentation

Number of Views:108
Avg rating:3.0/5.0
Slides: 25
Provided by: smlu
Category:
Tags: amazon | amazoncouk | bonnet | co | uk | under

less

Transcript and Presenter's Notes

Title: Under the Bonnet


1
Under the Bonnet
  • HTTP, Web Servers,
  • and Sessions
  • CC292

2
HTTP
  • A protocol for exchanging information over TCP
    sockets
  • Specifies interactions between web clients and
    web servers
  • Well mention two versions of the protocol
    version 1.0 and 1.1
  • HTML is text plus markup
  • The markup may include references to external
    content (e.g. images)
  • This must also be retrieved

3
Example HTML
  • lthtmlgt
  • ltheadgt
  • lttitlegtSample HTML With Imagelt/titlegt
  • lt/headgt
  • ltbodygt
  • lth2 align"center"gtColchester Castlelt/h2gt
  • ltp align"center"gt
  • ltimg border"0" src"castle2.jpg" width"425"
    height"204"gt
  • lt/pgt
  • lt/bodygt
  • lt/htmlgt

4
Result
5
Quick Questions
  • Suppose the above page is called Castle.html
  • How many HTTP requests will a browser generate
    when a user follows a link to that page? Answer
  • How many Socket connections will be made?
    Answer
  • What if the same image was repeated on that page?

6
URI Anatomy
  • http//ace.essex.ac.uk8080/courses/cc213/HTTPNote
    s.jsp?qualitygreat
  • http// protocol
  • ace.essex.ac.uk IP hostname
  • 8080 port
  • number/courses/cc123/HTTPNotes.jsp resource
  • ?qualitygreat query parameters

7
Request Types
  • GET
  • Standard way for client to request data
  • Can also be used to submit forms
  • Try http//algoval.essex.ac.uk8081/test.jsp?id1
    23
  • HEAD
  • Used for caching purposes
  • Client (or proxy cache) can issue a head request
    to see if the content has changed
  • POST
  • Main way to upload forms
  • Can also upload binary files using MIME encoding
  • JSP pages respond to GET and POST
  • GET/POST distinction is transparent

8
UML

9
Sample GET Requesthttp//algoval.essex.ac.uk8081
  • GET /MyFile.html HTTP/1.1
  • Accept image/gif, image/x-xbitmap, image/jpeg,
    image/pjpeg, application/vnd.ms-excel,
    application/vnd.ms-powerpoint, application/msword,
    application/x-shockwave-flash, /
  • Accept-Language en-gb
  • Accept-Encoding gzip, deflate
  • If-Modified-Since Mon, 20 Mar 2006 173054 GMT
    length394
  • User-Agent Mozilla/4.0 (compatible MSIE 6.0
    Windows NT 5.1 SV1 .NET CLR 1.0.3705 .NET CLR
    2.0.50727)
  • Host localhost8081
  • Connection Keep-Alive
  • Cookie JSESSIONID260D3F89F4EA1BFD6778FD27DFB0FC7
    D

10
HTTP 1.0
  • Default is that each request generates a new
    connection
  • E.g. an HTML page with 20 images in would
    generate 21 socket connections
  • There is a significant overhead in establishing a
    TCP socket connection
  • Which may take longer than the actual data
    transfer
  • So this can be very inefficient

11
HTTP 1.1
  • Default now is to keep the socket connection open
    for multiple requests
  • Typically much more efficient
  • And the previous example (HTML page plus 20
    images) can be received over a single connection
  • Also allows pipelining, where multiple requests
    are sent before the first response is received

12
Web Server
  • ServerSocket listens (usually on Port 80)
  • Creates
  • new Socket to handle each newly connecting client
  • new thread to process each client
  • Each thread
  • Parses incoming request
  • Reads rest of header
  • Figures out what content is required and where
    to get it
  • Sends back an appropriate header
  • Sends back the content
  • See Toy Web Server in Demo section

13
Web Server contd.
  • In the simplest case, the web server has its own
    root directory on the file system
  • All requests are then taken relative to this
  • Next step up is to have multiple roots
  • Requests may also map to programs that create
    dynamic content (e.g. a JSP or CGI script)
  • These may in turn look up values in a database
  • Or forward requests to another server
  • Log files note details of each request (resource
    name, IP of client, browser type, referrer etc)
  • Cache maintenance

14
Session Management
  • HTTP is a stateless protocol
  • BUT many applications involve the management of
    state
  • Examples
  • Shopping Basket
  • Member-only pages (accessible after logging in)
  • HTTP sees each request as an independent,
    stateless request
  • BUT mechanisms have been developed to manage
    state over HTTP

15
Example
16
Notes on Previous Example
  • Although Id not visited the Amazon site for a
    few weeks
  • Typing amazon.co.uk into my browser immediately
    brought back that personalised welcome screen
  • Good for business!
  • Done using Cookies
  • Limitations only get saved on that machine

17
State Management Methods
  • Cookies
  • URL rewriting / encoding
  • Hidden form variables
  • WWW-Authentication (login only)
  • State info is stored either in
  • HTTP Headers
  • Page content (form)
  • URL
  • JSP takes care of many low level details for you!
  • No need to hack Cookies!

18
Cookies
  • Small items of text passed in HTTP headers
  • Servers send cookies in a response
  • These are stored by the browser
  • Then sent in future requests to the same server
  • Navigation-proof
  • When you arrive at a page, does not matter how
    you got there
  • (Unlike URL encoding methods)
  • Store key to data, not data itself
  • E.g. shopping basket ID, not the contents of the
    basket!
  • Cookie parameters include time to live

19
Example Cookie
  • Example transaction sequence
  • Client requests a document, and receives in the
    response
  • Set-Cookie CUSTOMERWILE_E_COYOTE path/
    expiresWednesday, 09-Nov-99 231240 GMT
  • When client requests a URL in path "/" on this
    server, it sends
  • Cookie CUSTOMERWILE_E_COYOTE
  • See http//www.netscape.com/newsref/std/cookie_s
    pec.html

20
Cookie limitations
  • Not transferable between browsers
  • Not usually transferred between machines
  • Cannot be carried in a URL
  • Not always accepted
  • Some browsers dont
  • Users may disable cookies (e.g. due to privacy
    fears)

21
URL Rewriting
  • Query parameters are added to the URLs in a page
    E.g.
  • myshop.co.uk/basket?id123
  • Or session ID inserted into URL
  • myshop.co.uk/session123456/basket.jsp
  • Best used to store a session id
  • Not the entire shopping basket!
  • Can be bookmarked
  • URLs can be emailed to other people
  • May or may not be what you want

22
Hidden form variables
  • Most HTML form elements are there to capture
    input from users
  • But, can also have hidden elements
  • These are used to track the state of a
    transaction
  • These are not normally visible to the user
  • But can be seen with a ltview sourcegt
  • Can be accessed from JSP using request.getParamete
    r()

23
WWW-Authenticate
  • Only applicable to login systems
  • E.g. when a set of pages should be made
    accessible to someone with suitable login
    credentials
  • A BIT like Cookies in that the WWW-Authenticate
    messages are sent in the HTTP headers
  • Web app servers such as Tomcat can be configured
    for this, and details accessed from JSP pages

24
Summary
  • HTTP at heart, a simple stateless protocol but
    the details can get complex!
  • There are several ways to maintain session state
  • When using JSP, much of the gory details are
    thankfully hidden
  • Just need to think about Bean scope
  • Web programming has evolved significantly dont
    need to program with a cookie handbook on the
    desk!
Write a Comment
User Comments (0)
About PowerShow.com