1 HTTPCore, Cookies Managing Data on the World Wide-Web Elad Kravi.

Slides:

Advertisements

Similar presentations

1.  Understanding about How to Working with Server Side Scripting using PHP Framework (CodeIgniter) 2.

Advertisements

HTTP Cookies. CPSC Application Layer 2 User-server state: cookies Many major Web sites use cookies Four components: 1) cookie header line of HTTP.

Servlets and a little bit of Web Services Russell Beale.

Application Layer  We will learn about protocols by examining popular application-level protocols  HTTP  FTP  SMTP / POP3 / IMAP  Focus on client-server.

1 HTTP – HyperText Transfer Protocol Part 1. 2 Common Protocols In order for two remote machines to “ understand ” each other they should –‘‘ speak the.

Chapter 2: Application Layer

Data and Computer Communications Eighth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 23 – Internet Applications Internet Directory.

Web, HTTP and Web Caching

Application Layer  We will learn about protocols by examining popular application-level protocols  HTTP  FTP  SMTP / POP3 / IMAP  Focus on client-server.

1 The World Wide Web. 2  Web Fundamentals  Pages are defined by the Hypertext Markup Language (HTML) and contain text, graphics, audio, video and software.

HTTP By Mychal Hess, Dee Chow, and Riley Barnes. History HTTP  Tim Berners-Lee he implemented the HTTP protocol in 1990 at the European Center for High-

The abs_path in a URI If the abs_path is not present in the URL, it must be given as "/" in a Request-URI for a resource. Thus, if a user points a browser.

CS 6204 Cloud Environments Godmar Back. Announcements Please sign up for Piazza CS 6204 Choose first topic from list CS 6204 Spring 2014.

Rensselaer Polytechnic Institute CSC-432 – Operating Systems David Goldschmidt, Ph.D.

INTRO TO MAKING A WEBSITE Mark Zhang.  HTML  CSS  Javascript  PHP  MySQL  …That’s a lot of stuff!

8 Chapter Eight Server-side Scripts. 8 Chapter Objectives Create dynamic Web pages that retrieve and display database data using Active Server Pages Process.

1 3 Web Proxies Web Protocols and Practice. 2 Topics Web Protocols and Practice WEB PROXIES  Web Proxy Definition  Three of the Most Common Intermediaries.

Simple Web Services. Internet Basics The Internet is based on a communication protocol named TCP (Transmission Control Protocol) TCP allows programs running.

Comp2513 Forms and CGI Server Applications Daniel L. Silver, Ph.D.

Simple Web Services. Internet Basics The Internet is based on a communication protocol named TCP (Transmission Control Protocol) TCP allows programs running.

CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.

2: Application Layer1 CS 4244: Internet Software Development Dr. Eli Tilevich.

Copyright (c) 2010, Dr. Kuanchin Chen1 The Client-Server Architecture of the WWW Dr. Kuanchin Chen.

Sistem Jaringan dan Komunikasi Data #9. DNS The Internet Directory Service  the Domain Name Service (DNS) provides mapping between host name & IP address.

JavaScript, Fourth Edition

Chapter 1: Introduction to Web Applications. This chapter gives an overview of the Internet, and where the World Wide Web fits in. It then outlines the.

Chapter 5 Java Servlets. Objectives Explain the nature of a servlet and its operation Use the appropriate servlet methods in a web application Code the.

WebServer A Web server is a program that, using the client/server model and the World Wide Web's Hypertext Transfer Protocol (HTTP), serves the files that.

CSE 154 LECTURE 12: COOKIES. Including files: include include("filename"); PHP include("header.html"); include("shared-code.php"); PHP inserts the entire.

The HyperText Transfer Protocol. History HTTP has been in use since 1990 (HTTP/0.9) HTTP/1.0 was defined in RFC 1945 (May 1996) and included metainformation.

Chapter 8 Cookies And Security JavaScript, Third Edition.

The Inter-network is a big network of networks.. The five-layer networking model for the internet.

Chapter 6 Server-side Programming: Java Servlets

Fundamentals of Proxying. Proxy Server Fundamentals  Proxy simply means acting on someone other’s behalf  A Proxy acts on behalf of the client or user.

Proxy Lab Recitation I Monday Nov 20, 2006.

HTTP1 Hypertext Transfer Protocol (HTTP) After this lecture, you should be able to:  Know how Web Browsers and Web Servers communicate via HTTP Protocol.

Web Database Programming Week 7 Session Management & Authentication.

Web Technologies Interactive Responsiveness Function Hypertext Web E-Publishing Simple Response Web Fill-in Forms Object Web « Full-Blown » Client/Server.

Session Initiation Protocol (SIP) Chapter 5 speaker ： Wenping Zhang data ：

Cookies Bill Chu. © Bei-Tseng Chu Aug 2000 Definition A cookie is a TEXT object of max 4KB sent from a web server to a browser It is intended for the.

Server - Client Communication Getting data from server.

Saving State on the WWW. The Issue  Connections on the WWW are stateless  Every time a link is followed is like the first time to the server — it has.

Cookies COEN 351 E-commerce Security. Client / Session Identification HTTP Headers Client IP Address HTTP User Login FAT URLs Cookies.

Jan 2001C.Watters1 World Wide Web and E-Commerce Client Side Processing.

2: Application Layer 1 Chapter 2: Application layer r 2.1 Principles of network applications  app architectures  app requirements r 2.2 Web and HTTP.

1 Java Servlets l Servlets : programs that run within the context of a server, analogous to applets that run within the context of a browser. l Used to.

8 Chapter Eight Server-side Scripts. 8 Chapter Objectives Create dynamic Web pages that retrieve and display database data using Active Server Pages Process.

CS 6401 The World Wide Web Outline Background Structure Protocols.

CSI 3125, Preliminaries, page 1 Networking. CSI 3125, Preliminaries, page 2 Networking A network represents interconnection of computers that is capable.

Overview of Servlets and JSP

HTTP protocol Java Servlets. HTTP protocol Web system communicates with end-user via HTTP protocol HTTP protocol methods: GET, POST, HEAD, PUT, OPTIONS,

Lecture 19 Overview. Hyper Text Transfer Protocol HTTP is the protocol that supports communication between web browsers and web servers. – A “Web Server”

©SoftMooreSlide 1 Cookies. ©SoftMooreSlide 2 Cookies Basic idea –web application sends a simple name/value pair to the client –when the client connects.

Data Communications and Computer Networks Chapter 2 CS 3830 Lecture 7 Omar Meqdadi Department of Computer Science and Software Engineering University of.

Data and Computer Communications Eighth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 23 – Internet Applications Internet Directory.

Week 11: Application Layer 1 Web and HTTP r Web page consists of objects r Object can be HTML file, JPEG image, Java applet, audio file,… r Web page consists.

1 Chapter 22 World Wide Web (HTTP) Chapter 22 World Wide Web (HTTP) Mi-Jung Choi Dept. of Computer Science and Engineering

HTTP Protocol Amanda Burrows. HTTP Protocol The HTTP protocol is used to send HTML documents through the Internet. The HTTP protocol sends the HTML documents.

Lecture 5 Internet Core: Protocol layers. Application Layer  We will learn about protocols by examining popular application-level protocols  HTTP 

National College of Science & Information Technology.

HTTP Parsing Athula Balachandran Wolfgang Richter.

Cookies Tutorial Cavisson Systems Inc..

Block 5: An application layer protocol: HTTP

WWW and HTTP King Fahd University of Petroleum & Minerals

Node.js Express Web Applications

Node.js Express Web Services

Internet transport protocols services

IS333D: MULTI-TIER APPLICATION DEVELOPMENT

Session Tracking Techniques

HyperText Transfer Protocol

Presentation transcript:

1 HTTPCore, Cookies Managing Data on the World Wide-Web Elad Kravi

2 Overview HttpCore – handlers 4 4 HttpCore - connections 2 2 HttpCore - basics 1 1 HttpCore - demo Cookies HttpCore - processors 3 3

3 Apache Software Foundation HttpCore is a set of components implementing the most fundamental aspects of the HTTP protocol that are nonetheless sufficient to develop full-featured client-side and server-side HTTP services with a minimal footprint. blocking I/O model and and non-blocking I/O. HttpCore - Intro

4 Manipulate http properties: –Client –Server –Proxy – home work… My example of downloading data from the web –Messages from Social Networks (Twitter) When would you use HttpCore

5 Generic-message = start-line *(message-header CRLF) CRLF [ message- body ] Start-line = Request-Line | Status-Line Request = Request-Line *(( general-header | request-header | entity-header ) CRLF) CRLF [ message-body ] Response = Status-Line *(( general-header | response-header | entity-header ) CRLF) CRLF [ message-body ] HttpMessage, HttpRequest, HttpResponse

6 AbstractHttpMessage – base classAbstractHttpMessage –Handle headers: setHeader, getHeaders, etc.. –More elegant – use Interceptors (in the following) BasicHttpRequest HttpRequest request = new BasicHttpRequest("GET", "/", HttpVersion.HTTP_1_1); BasicHttpResponse HttpRequest request = new BasicHttpRequest("GET", "/", HttpVersion.HTTP_1_1); AbstractHttpMessage, BasicHttpRequest, BasicHttpResponse

7 Setting a header response.addHeader("Set-Cookie", "c1=a; path=/; domain=localhost"); Reading the headers 1)Header h1 = response.getFirstHeader("Set-Cookie"); 2)HeaderIterator it = response.headerIterator("Set-Cookie"); while (it.hasNext()) { System.out.println(it.next()); } HTTP headers can be tokenized into individual header elements. –Header elements are properties of the header, e.g. response.addHeader("Set-Cookie", "c2=b; path=\"/\", c3=c; domain=\"localhost\""); –Parameters can be parsed as name-value pairs. Setting headers - explicitly

8 HTTP messages can carry a content entity associated with the request or response. –Responses are usually expected to enclose a content entity Repeatable Entity - its content can be read more than once –only possible with self contained entities (ByteArrayEntity & StringEntity) Streamed Entity: The content is received from a stream, or generated on the fly. Http Entities - message payload

9 Http Entities (cont)

10 BasicHttpEntity - A generic streamed, non-repeatable entity that obtains its content from an InputStream. ByteArrayEntity - A self contained, repeatable entity that obtains its content from a byte array String myData = "Hello world on the other side!!"; ByteArrayEntity myEntity = new ByteArrayEntity(myData.getBytes()); StringEntity - A self contained, repeatable entity that obtains its content from java.lang.String object FileEntity - a self contained, repeatable entity that obtains its content from a file –for instance, sending a zip file with content type application/zip HttpEntity entity = new FileEntity(staticFile, "application/java-archive"); (Some) Types of Entities

11 Overview HttpCore – handlers 4 4 HttpCore - connections 2 2 HttpCore - basics 1 1 HttpCore - demo Cookies HttpCore - processors 3 3 HttpCore - connections

12 A generic HTTP connection, useful on client and server side. –AbstractHttpClientConnectionAbstractHttpClientConnection sendRequestHeader, sendRequestEntity, receiveResponseHeader, flush –AbstractHttpServerConnectionAbstractHttpServerConnection receiveRequestHeader, receiveRequestEntity, sendResponseHeader, sendResponseEntity, flush –Which kind a proxy should have? Concrete types define ‘bind’ method to bind a socket. HttpConnection (extends closable)

13 Terminating HTTP connections –Gracefully by calling HttpConnection#close() –Forcibly by calling HttpConnection#shutdown() HTTP exception handling –IOException in case of an I/O failure such as socket timeout or an socket reset –HttpException that signals an Http failure such as a violation of the Http protocol Closing connection and Exceptions

14 Overview HttpCore – handlers 4 4 HttpCore - connections 2 2 HttpCore - basics 1 1 HttpCore - demo Cookies HttpCore - processors 3 3

15 A routine that implements a specific aspect of the Http protocol using protocol interceptors –protocol interceptors act upon specific header(s) of the incoming or outgoing message. –http protocol processor is a collection of protocol interceptors that implements the 'Chain of Responsibility' pattern each individual protocol interceptor is expected to work on the particular aspect of the Http protocol it is responsible for. –If the interceptors must be executed in a particular order, they should be added to the processor in the same sequence. HttpProcessor

16 RequestContent / ResponseContent – important interceptors for outgoing requests / responses. –Responsible for delimiting content length by adding Content-Length or Transfer-Content headers based on the properties of the enclosed entity and the protocol version. RequestConnControl / ResponseConnControl – –responsible for adding Connection header to the outgoing requests / responses. RequestTargetHost – required for client side protocol –responsible for adding Host header RequestUserAgent – recommended for client side protocol –responsible for adding User-Agent header (Some) Protocol interceptors

17 Using Protocol Processors Send the request to the target host and get a response.

18 Protocol interceptors collaborate by sharing information such as processing state through an Http execution context. –HttpContext is a structure that can be used to map an attribute name to an attribute value. Http Context

19 Overview HttpCore – handlers 4 4 HttpCore - connections 2 2 HttpCore - basics 1 1 HttpCore - demo Cookies HttpCore - processors 3 3 HttpCore - handlers

20 a client side HTTP protocol handler based on the blocking I/O model relies on HttpProcessor to generate mandatory protocol headers for all outgoing messagesHttpProcessor apply common, cross-cutting message transformations to all incoming and outgoing messages HttpRequestExecutor httpexecutor = new HttpRequestExecutor(); … httpexecutor.preProcess(request, httpproc, context); HttpResponse response = httpexecutor.execute(request, conn, context); … httpexecutor.postProcess(response, httpproc, context); HttpRequestExecutor

21 a server side HTTP protocol handler based on the blocking I/O model relies on HttpProcessor to generate mandatory protocol headers for all outgoing messagesHttpProcessor apply common, cross-cutting message transformations to all incoming and outgoing messages –whereas individual HttpRequestHandlers are expected to take care of application specific content generation and processingHttpRequestHandler –relies on HttpRequestHandler to resolve matching request handler for a particular request URI of an incoming HTTP requestHttpRequestHandler HttpService

22 Overview HttpCore – c & s handlers 4 4 HttpCore - headers 2 2 HttpCore - basics 1 1 HttpCore - demo Cookies HttpCore - entities 3 3

23 A client implemented using HttpCore –Configuration HttpRequestExecutor HttpProcessor HttpContext HttpRequest –Main logic – “GET” some files from the server Using HttpRequestExecutor –preProcess, execute and postProcess Print some usefull information from the response What we will see in this example?

24 A server implemented using HttpCore –Configuration HttpService HttpProcessor HttpContext HttpRequest What we will see in this example? –Main logic – Upon receiving a new request Create a working thread –Handles the request Wait for the next request

25 HttpClient is a HTTP/1.1 compliant Http agent implementation based on HttpCore. It also provides reusable components for client-side authentication, Http state management, and Http connection management. –e.g., parsing cookies Self learning HttpClient

26 Overview HttpCore – c & s handlers 4 4 HttpCore - headers 2 2 HttpCore - basics 1 1 HttpCore - demo Cookies HttpCore - entities 3 3

27 An Http cookie is a token or short packet of state information that the Http agent (e.g. browser) and the target server can exchange to maintain a session. In its simplest form an Http cookie is merely a name / value pair. –Usually a cookie also contains a number of attributes such as: version, a domain for which is valid, a path that specifies the subset of URLs on the origin server to which this cookie applies, and the maximum period of time for which the cookie is valid Http Cookies

28 Cookies allow to save state using stateless http protocol. Usefull scenario: a shopping cart Privacy hazzard: –Consider the following scenario: A cookie is set on the user’s browser Every site the user visits the cookie is sent to the server Cookies can help monitoring your browsing history Are they really ‘fortune cookies’?