Presentation is loading. Please wait.

Presentation is loading. Please wait.

Host and Application Security Lesson 19: How the Web Works.

Published byMatthew Taylor Modified over 8 years ago

Similar presentations

Presentation on theme: "Host and Application Security Lesson 19: How the Web Works."— Presentation transcript:

1 Host and Application Security Lesson 19: How the Web Works

2 Well we have to start somewhere  If we don’t know how something works we can’t possibly know how it doesn’t work

3 Why is the Web Important?  For an end-user machine, the Web is the largest vulnerability and infection vector  The Web is much more complex than we think it is – it’s far more than HTML

4 Two Important Standards  Hypertext Markup Language (HTML) Text with layout instructions  Hypertext Transfer Protocol (HTTP) How we transport this stuff around

5 HTTP  TCP/IP based protocol  Typically uses port 80  Text-based, so can be used with telnet  Two most important functions: GET and POST GET typically asks for content POST typically sends some data from the web browser to the server

6 GET  Example: GET /pub/WWW/TheProject.html HTTP/1.1 Host: www.w3.org See? Easy! In fact, reading web pages from C++/Perl is trivially easy

7 POST  Most commonly, from a form: POST /path/script.cgi HTTP/1.0 From: rford@spam.spam User-Agent: HTTPTool/1.0 Content-Type: application/x-www-form- urlencoded Content-Length: 32 home=xxxxx&favorite+flavor=plane

8 All easy so far…  First, we had pictures in HTML…  Then we added support for lots of different kinds of content  Also, there’s Javascript, which runs client side in the context of the local browser

9 Maintaining State  The problem with Web servers and clients is that it is hard to maintain state – think about a shopping card, for example  Why can’t we just use something simple the server already knows, like IP address?  Solution: Cookies

10 Cookies by type  Session Cookie  Persistent Cookie  Secure Cookie  HTTPOnly  Third-party cookie  “Supercookie”  Zombie cookie

11 Active Content  Flash  Silverlight  ActiveX  Java

Download ppt "Host and Application Security Lesson 19: How the Web Works."

Similar presentations

PowerPoint presentation of first 25 pages of instructional manual Edith Fabiyi Essentials of Internet Access.

PowerPoint presentation of first 25 pages of instructional manual Edith Fabiyi Essentials of Internet Access.
PHP syntax basics. Personal Home Page This is a Hypertext processor It works on the server side It demands a Web-server to be installed.

PHP syntax basics. Personal Home Page This is a Hypertext processor It works on the server side It demands a Web-server to be installed.
4.01 How Web Pages Work.

4.01 How Web Pages Work.
HTTP HyperText Transfer Protocol. HTTP Uses TCP as its underlying transport protocol Uses port 80 Stateless protocol (i.e. HTTP Server maintains no information.

HTTP HyperText Transfer Protocol. HTTP Uses TCP as its underlying transport protocol Uses port 80 Stateless protocol (i.e. HTTP Server maintains no information.
Beginning Web Site Creation: Dreamweaver CS4.  WK1 & WK2  File Management  BlackBoard  SWS  Planning, Design, and HTML review  WK3 & WK4  Dreamweaver.

Beginning Web Site Creation: Dreamweaver CS4.  WK1 & WK2  File Management  BlackBoard  SWS  Planning, Design, and HTML review  WK3 & WK4  Dreamweaver.
Layer 7- Application Layer

Layer 7- Application Layer
HTTP Hypertext Transfer Protocol. HTTP messages HTTP is the language that web clients and web servers use to talk to each other –HTTP is largely “under.

HTTP Hypertext Transfer Protocol. HTTP messages HTTP is the language that web clients and web servers use to talk to each other –HTTP is largely “under.
1 Software Testing and Quality Assurance Lecture 32 – SWE 205 Course Objective: Basics of Programming Languages & Software Construction Techniques.

1 Software Testing and Quality Assurance Lecture 32 – SWE 205 Course Objective: Basics of Programming Languages & Software Construction Techniques.
Definitions, Definitions, Definitions Lead to Understanding.

Definitions, Definitions, Definitions Lead to Understanding.
Topics in this presentation: The Web and how it works Difference between Web pages and web sites Web browsers and Web servers HTML purpose and structure.

Topics in this presentation: The Web and how it works Difference between Web pages and web sites Web browsers and Web servers HTML purpose and structure.
WWW and Internet The Internet Creation of the Web Languages for document description Active web pages.

WWW and Internet The Internet Creation of the Web Languages for document description Active web pages.
Application Layer  We will learn about protocols by examining popular application-level protocols  HTTP  FTP  SMTP / POP3 / IMAP  Focus on client-server.

Application Layer  We will learn about protocols by examining popular application-level protocols  HTTP  FTP  SMTP / POP3 / IMAP  Focus on client-server.
 What is it ? What is it ?  URI,URN,URL URI,URN,URL  HTTP – methods HTTP – methods  HTTP Request Packets HTTP Request Packets  HTTP Request Headers.

 What is it ? What is it ?  URI,URN,URL URI,URN,URL  HTTP – methods HTTP – methods  HTTP Request Packets HTTP Request Packets  HTTP Request Headers.
Application Layer. Domain Name System Domain Name System (DNS) Problem – Want to go to www.google.com, but don’t know the IP addresswww.google.com Solution.

Application Layer. Domain Name System Domain Name System (DNS) Problem – Want to go to but don’t know the IP addresswww.google.com Solution.
Application Layer. Applications A program or group of programs designed for end users. A program or group of programs designed for end users. Software.

Application Layer. Applications A program or group of programs designed for end users. A program or group of programs designed for end users. Software.
Web Design Terms and Concepts Ms. Scales. Q. What is a Server? A. A server is a computer that stores information many people can access. It runs special.

Web Design Terms and Concepts Ms. Scales. Q. What is a Server? A. A server is a computer that stores information many people can access. It runs special.
UNDERSTANDING WEB AND WEB PROJECT PLANNING AND DESIGNING AND EFFECTIVE WEBSITE Garni Dadaian.

UNDERSTANDING WEB AND WEB PROJECT PLANNING AND DESIGNING AND EFFECTIVE WEBSITE Garni Dadaian.
 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.

 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.
Comp2513 Forms and CGI Server Applications Daniel L. Silver, Ph.D.

Comp2513 Forms and CGI Server Applications Daniel L. Silver, Ph.D.
Chapter 1: Introduction to Web

Chapter 1: Introduction to Web

Similar presentations

Ads by Google