Web Server Part 2

HTTP Transactions
HTTP is a protocol that allows Web browsers to talk to server and exchange information, it provides a standard way of communicating between browsers and Web servers. HTTP expects the client to initiate a request and the server to respond. Each request and response has three parts:the request or status line, the header fields, and the entity body.

HTTP Request (example)
If we typed http://www.fti.com/index.php, the browser would issue an HTTP request similar the following :
GET /index.php HTTP/1.0
User-Agent : Mozilla/4.5 [en] (X11; SunOs 5.5.1 sun4m)
Accept : image/gif, image/x-xbitmap, image/jpeg

HTTP Response (example)
For the previous example, the server response might look something like this
HTTP/1.1 200 OK
Date : Sat, 15 July 2006 20:00:00 GMT
Server Apache/2.0.54 (Unix)
Last-Modified : Fri, 14 july 2006 21:00:00 GMT
Content-Length : 59
Content-Type : text/html
Welcome to Information Technology Faculty…..

Request Methods
• The request line of a client contains an HTTP command called a request method.
• The server uses the method command to determine what to do with the request.
• The most widely used methods are GET, HEAD, and POST.
• Method commands should be in all-capital letters.
• Other method (PUT, DELETE, etc)

Request Methods
• GET
** Typical way of getting an information (document: static, dynamic, or error message) from a server
** Can be used to pass data to the server, it must be include as part of the URL, followed by a question mark (?) and then parameters.
• HEAD
** Server returns only header data
** Use to verify the existence of a resource
• POST
** Used to send data to the server
** Typically- send HTML form data to the server
** It passes data to the server in the entity body of the request

Server Response
• The server response has three parts :
** Status line -> the protocol version, the status code and description phrase
** Header fields
** Entity body
• The status code is a three digits integer result code defined by the HTTP specification.
• The first digit of the status code represent the category of the spesification.

HTTP Status Code Categories
• (1) : Informational
** The request was received and is being processed.
• (2) : Success
** The client request was successful
• (3) : Redirection
** The client request was not performed; futher action must be taken by the client.
• (4) : Client error
** The client’s request was incomplete or incorrect and cannot be fulfilled.
• (5) : Server error
** The request was not fullfilled, due to a server problem.

HTTP Status Code Categories (Detail)
• Informational 1XX
** 100 Continue
• Successful 2XX
** 200 OK
** 240 No Content
• Redirection 3XX
** 301 Moved permanently
** 302 Found (Moved Temporarily)
** 304 Not Modified
• Client Error 4XX
** 400 Bad Request
** 403 Forbidden
** 404 Not Found
• Server Error 5XX
** 500 Internal Server Error

CLIENT REQUEST HEADER
• Accept
** Used to specify which media types the client prefers to accept.
• Cookie
** Contains cookie information.
• If-Modified-Since
** Used to do a conditional GET request.
• Referer
** Allow the client to specify the URL on the page from which the currently requested URL was obtained
• User-Agent
** Contain information about the client program originating the request.

SERVER RESPONSE HEADERS
• Server
** Contains information about the server software handling the request.
• Set-Cookie
** Allows the server to set a cookie on the client browser permitted) for the given URL or domain.

ENTITY HEADERS
• Content-Length
** Specifies the size (in bytes) of the data transferred the entity body. Only for static documents.
• Content-Type
** Specifies the MIME type of the data returned in the entity body
• Expires
** Specifies the time/date afther which the response is considered outdated.
• Last-Modified
** Specifies the date and time the document was last modified

Proxy Server
• Proxy Servers is an intermediary server that goes between a client and the destination server – a middleman
• Instead of connecting directly to destination server, the browser sends the request to the proxy, the proxy then passes the request to the destination server, receives the response, and passes the response back to the browser.
• Proxy servers have three main uses : security, content filtering and caching.

Main of Uses Proxy Server
• Used for security purposes
** The proxy server can act as a firewall, allowing only HTTP traffict through and rejecting other protocols, limits what kinds of services are available to the people outside your local network.
• Filter data
** The Proxy server restricting access to certain sites or analyzing content for questionable material.
• Caching proxy servers
** The Proxy server stores frequenly accessed web pages, so when one is requested, the cache server can return the page rather than retrieving it from the Internet.
** Make pages that we to to load much quicker.
** Make better use of the ISP’s bandwidth by going outside the local net only when new pages need to be retrieved.

Streaming Audio and Video
• For browser to play audio or video file, it must first download the entire file. It takes a long time.
• The solution : Streaming Media, which allow a media player (or plug-in) to start playing multimedia content while the data is still being received.
• HTTP doesn’t support streaming media, so a different server must be used to publish it.
• Browser don’t support streaming media, so a plug-in must be used to view any type of streaming content.

Streaming Audio and Video
• Many streaming media formats may use UDP (User Datagram Protocol) instead of TCP/IP as a network protocol.
• UDP is a good at transmitting very small pieces of data quickly and digital audio and video. Unlike TCP/IP, UDP will not retransmit data if there is an error, this is fine for digital audio and video because a few bits lost will hardly be noticeable.
• The two leading streaming media packages are RealNetworks’ RealSystem and Microsoft’s Windows Media (formerly NewShow).

Databases
• A database provides an efficient, organized way to store lots of information, BUT most databases don’t provide a friendly interface that anyone can use to access this information. The Web provides a familiar, easy-to-use way of accessing data.
• A large corporate database should typically be installed on its own dedicated server and not on a machine also used as a Web server.
• The database will also have a daemon running to respond the queries; this allows programs on the Web server to communicate with the database server. This type of database daemon is often called a listener.

Secure Sockets Layer
• SSL is a protocol that allow secure, encrypted communication over TCP/IP. It is often used with HTTP to allow information to be exchange securely between a browser and a Web server.
• Most commercial Web server software include an SSL server that can run alongside the HTTPD.
• SSL is used mostly for web transaction, but it can be used to encrypt any communications over TCP/IP.