ruby course - lesson 2 - programming for the web

8/8/2019 Ruby Course - Lesson 2 - Programming for the Web

1/44

Programming forthe web

Lesson 2

Saturday, September 11, 2010


2/44

Internet



3/44

World wide web(WWW)



4/44

How does the webwork?



5/44

HTTPHyperText Transfer Protocol



6/44

Request-response networking protocol thatsits on top of TCP

Forms basis of World Wide Web

Originally created for information sharingCurrent version HTTP 1.1

Default TCP port 80

Client submits request to server, serverresponds with resource



7/44

webserver

request

response

useragent

session

resource



8/44

Request LineMethod + Resource

Request Headers

Response LineStatus code

Response Headers

Response Body

GET /index.html HTTP/1.1Host: example.com

Referer : saush.com

HTTP/1.1 200 OKDate: Wed, 28 Jan 2009 19:32:18 GMTServer: Apache/2.2.3 (CentOS)Content-Length: 438Connection: closeContent-Type: text/html; charset=UTF-8

Example Web Page..

Response

Request



9/44

StatelessEvery subsequent visit via HTTP is same asthe rst visit.

Works with a single TCP connection which isused *only* for content transfer, and noadditional connection is used to maintainsessions.

Cookies, Session IDs are alternative ways of maintaining sessions.



10/44

Some important request

headersAccept : text/html (Acceptable mimeformats)

Referer : example.com (Which page lead tothis page)

User-Agent : Firefox/Safari (Type of browser)

Host : yahoo.com (Domain name, reqd for 1.1)



11/44

Some important

response headersContent-type : text/html

Content-Encoding : utf8 (Encoding type)Content-Length : Length in bytes

Server : Apache/IIS (Name of the server,like user-agent)

Location : new-site.com (For redirection)



12/44

Non persistent connections

(HTTP/1.0)open

connection

get HTML

closeconnection

Others?(CSS,

images, JSetc)

open connection

get image

close connection

open connection

get image

close connection

open connection

get image

close connection



13/44

Persistent Connections

(HTTP/1.1)

openconnection get HTML

closeconnection

get CSS,images, JSin same

connection



14/44

HTTP Methods



15/44


16/44

GET

POST

PUT

DELETE

HEAD

TRACE

OPTIONS

CONNECT

PATCH

safe

methods



17/44

GET

POST

PUT

DELETE

HEAD

TRACE

OPTIONS

CONNECT

PATCH

idempotentmethods



18/44

HTTP Methods are verbs/actionsacting on nouns/resources

GET nice_image

DELETE this_page

POST my_new_email

GET /index.html (the actualstuff)



19/44

GETGet any resource

GET method is used when you click a link onany site.Most of the cases when you want to fetch adocument

You can pass variables through GET usingthe query



20/44

HTTP resourcesIdentied by Universal Resource Identiers(URI), specically Universal ResourceLocators (URLs)

http :// www.saush.com : 80 /some/index.html ? name=value # here

scheme hostname port path query fragment

Long URLs not advisable, IE doesnt support >2048 characters

http://www.saush.com/index.html?name=valuehttp://www.saush.com/index.html?name=value


21/44

GET is idempotent

Which means, how many ever times you hitthe same resource, it should produce thesame effect.Getting /index.html any number of timesshould (ideally) give the same effect.



22/44

POSTModify (append) information in the server

POST Changes the state of the server

POST is used mostly in HTML Forms

POST passes variables through the requestbody



23/44

POST /index.html HTTP/1.1Host: example.com

first_name=sausheong&last_name=chang

HTTP/1.1 200 OKDate: Wed, 28 Jan 2009 19:32:18 GMT

Server: Apache/2.2.3 (CentOS)Content-Length: 438Connection: closeContent-Type: text/html; charset=UTF-8

Example Web Page..

POST variables inrequest body

Response

Request



24/44

HTML browserssupport only GET and

POST



25/44

Other methods

HEAD Just get me the response headers

PUT Create a new resource

DELETE Delete the resource

TRACE Get me back my request headers,

after modications done by intermediateservers.

OPTIONS Gives back what all HTTP



26/44

HTTP Status Codes1XX Informational

100 Continue

2XX Success

200 Success

3XX Redirection

301 Moved Permanently

302 Found (temporaryredirect)

304 Not Modied goahead and use cacheddata

4XX Client Error

401 - Unauthorized (needauthenti cation)

404 - Not Found (resource is

not there)5XX Server Error

500 Internal Server Error

http://en.wikipedia.org/wiki/List_of_HTTP_status_codes

http://en.wikipedia.org/wiki/List_of_HTTP_status_codeshttp://en.wikipedia.org/wiki/List_of_HTTP_status_codeshttp://en.wikipedia.org/wiki/List_of_HTTP_status_codeshttp://en.wikipedia.org/wiki/List_of_HTTP_status_codes


27/44

Authentication

Basic Access Authentication

Digest Access Authentication

Form-based Authentication



28/44

Basic access

authenticationUsername appended with password, encodedusing Base64

Intent is not to encrypt username/passwordbut to remove non-HTTP compatiblecharacters. Not secure

Available in all browsersAuthentication handled by server



29/44

POST /index.html HTTP/1.1Host: example.comAuthorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

HTTP/1.1 200 OKDate: Wed, 28 Jan 2009 19:32:18 GMT

Server: Apache/2.2.3 (CentOS)Content-Length: 438Connection: closeContent-Type: text/html; charset=UTF-8

Example Web Page..

Aladdin:open sesame

Response

Request



30/44

Digest access

authenticationApplies MD5 cryptographic hashing to secureusername/password sent over to server

More secured than basic acccessauthentication

Authentication handled by server



31/44

Form-based

authenticationMost commonly usedClient sends HTML Form with username/password information encrypted with HTTPS

Authentication handled by web application(not web server)



32/44


33/44

HTMLCSS

JavascriptDHTML

AJAXFlash

RIA



34/44

Common Gateway Interface

Standard (RFC 3875) that denes how a web

server can delegate the generation of webpages to another process

CGI



35/44

webserver

persistentstore

CGI process/application

server

HTTPrequest

HTTPresponse



36/44

Model-View-ControllerPattern



37/44

HTML/CSS/Javascript

Web Application

View

Controller

Model

Persistent Store



38/44

Web Application

View

Controller

Model

JSP

Java Servlets

Hibernate/EJB

Java



39/44

Web Application

View

Controller

Model

Web Forms

Web Forms/ASPX (VB/CS)

VB/VS

ASP .NET



40/44

Web Application

View

Controller

Model

PHP

PHP/None

PHP/None

PHP



41/44

Web Application

View

Controller

Model

ActionView

ActionController

ActiveRecord

Ruby on Rails



42/44

Web Application

View

Controller

Model

ERB

Sinatra

DataMapper

Ruby (others)



43/44

Web servicesAPIs accessed through HTTP

Intention for machines to consume services

REST (Representational State Transfer)Describes access through HTTP methods

XML-RPC/SOAP

Wraps XML data in HTTP response body/envelope



44/44

Questions?

ruby course - lesson 2 - programming for the web

Documents