martin kruliš 3. 12. 2015 by martin kruliš (v1.1)1
TRANSCRIPT
by Martin Kruliš (v1.1) 1
Server-side ScriptingMartin Kruliš
3. 12. 2015
by Martin Kruliš (v1.1) 2
Serving Static Pages
3. 12. 2015
Web Server (Revision)
Web ServerClient
`
HTTP RequestGET /myweb/index.html...
Internet
HTTP ResponseHTTP/1.1 200 OKContent-Length: 1019Content-Type: text/html;...<contents of index.html>
index.html
Apache configuration
/var/www/myweb/
by Martin Kruliš (v1.1) 3
Serving Dynamic Content
3. 12. 2015
Web Server (Revision)
Web ServerClient
`
HTTP RequestGET /myweb/app.cgi...
Internet
HTTP ResponseHTTP/1.1 200 OKContent-Length: 2049Content-Type: text/html;...<contents generated by cgi>
/var/www/myweb/
app.cgi
stdin
stdout
by Martin Kruliš (v1.1) 4
Common Gateway Interface◦ One of the first standards for generating dynamic
web content◦ NSCA specification from 1993 how to invoke
command line applications Current version CGI 1.1 (RFC 3875) from 2004
◦ Specifies only the interface Application may be written in any language Important information and headers are set as
environ-ment variables, POST body is directed to std. input
Response is taken from the std. output
3. 12. 2015
CGI
Example 1
by Martin Kruliš (v1.1) 5
CGI Issues◦ Starting a process takes some system time◦ Each process handles exactly one request
Unable to keep session/shared data in memory
Fast CGI Improvement◦ Fast CGI server runs independently from web
server Keeps the process pool, resources, …
◦ Communicates with web server via socket/TCP◦ Multi-request processing may be achieved by
multiplexing or multiple connections (or both)
3. 12. 2015
FastCGI
by Martin Kruliš (v1.1) 6
Integrating Scripting Modules
3. 12. 2015
Web Server (Revision)
Web ServerClient
`
HTTP RequestGET /myweb/index.php...
Internet
HTTP ResponseHTTP/1.1 200 OKContent-Length: 1984Content-Type: text/html;...<contents generated by php>
/var/www/myweb/
mod_php
index.php
by Martin Kruliš (v1.1) 7
PHP: Hypertext Preprocessor◦ Popular language originally designed for the web
The language has integrate API for handling requests Things like URL parameters, POSTed data, headers,
or server settings are presented in global variables◦ PHP script code can be directly interleaved with
HTML (or other type of generated content) The script is embedded between <?php, ?> marks The PHP interpret process the script and replace its
body with its output in the document
3. 12. 2015
PHP
Example 2
by Martin Kruliš (v1.1) 8
Web Server Gateway Interface◦ Universal interface between web servers and web
applications designed for the Python language Interface is called WSGI middleware and it is
implemented by both sides (server and application)◦ Specific new features
Routing requests to application objects (by URL) Multiple applications may run in one process Content post-processing (e.g., by XSLT) Load balancing (remote processing, forwarding, …)
◦ Similar APIs Rack (Ruby), PSGI (Perl), JSGI (JavaScript)
3. 12. 2015
WSGI
Example 3
by Martin Kruliš (v1.1) 9
ASP.NET◦ Microsoft solution built on .NET platform
Supports all .NET languages (C#, VB, …)◦ Successor to Microsoft’s Active Server Pages◦ Requires Microsoft IIS web server
Mono version (mod_mono and FastCGI) exists◦ WebForms
Basic building blocks for ASP.NET web pages Similar HTML interleaving syntax as PHP The idea is to design web pages in the same manner
as desktop applications
3. 12. 2015
ASP.NET
by Martin Kruliš (v1.1) 10
ASP.NET◦ WebForms
Event-based model, events may be processed at server
The forms automatically serializes the whole state◦ Razor syntax
Block starts with @ and does not require explicit closing
◦ MVC Alternative type of ASP.NET applications Default view engine is either Razor (.cshtml, .vbhtml),
or Web Forms (.aspx) Controllers are .NET classes, methods are actions
Routers select controller class and invoke an action3. 12. 2015
ASP.NET
by Martin Kruliš (v1.1) 11
Java Server Pages◦ Java-based solution for dynamic web pages◦ Requires web server with servlet container
Apache Tomcat, Jetty, …◦ Supports both “simple” PHP-like approach and
MVC Uses <%, %> marks for scriptlet-HTML interleaving MVC usually uses JavaBeans as the model and Java
servlets as the controller◦ Java compilation
Compiler is integrated in the web server and compiles the page when first needed (or when changed)
3. 12. 2015
JSP
by Martin Kruliš (v1.1) 12
Ruby on Rails◦ Ruby scripting language + Rails web framework◦ Basic philosophy
DRY (Don’t Repeat Yourself) – avoid code duplication Convention Over Configuration – our way is the
“best”◦ Very strict style of application development
Improves efficiency, but ties your hands◦ Specific structure of the application
Reflects the MVC pattern $> rails new myapp
Generates new application structure in ./myapp
3. 12. 2015
Ruby on Rails
by Martin Kruliš (v1.1) 13
Representational State Transfer (REST)◦ Architectural abstraction for distributed systems◦ The application is formed by resources
Resources are identified by URLhttp://myapp.com/galery/2013http://myapp.com/galery/2013/photo/42
◦ Components of the application communicate over the network and exchange resource representations Representation is typically HTML, XML, or JSON
◦ The API is built over HTTP and is hypertext driven GET http://myapp.com/galery/2013 DELETE http://myapp.com/galery/2013/photo/42
3. 12. 2015
Ruby on Rails
by Martin Kruliš (v1.1) 14
JavaScript Server-side Platform◦ Basically a Google V8 JavaScript engine compiled
as CLI script interpreter V8 is used in Chrome and it is the fastest JS
interpreter◦ Contains many pre-built packages for server-side
application development (sockets, HTTP, …) HTTP server is embedded in the application, so the
programmer may tune it for specific needs◦ Aims for fast developed single-language solutions
Using Javascript on client and server allows some level of code sharing
3. 12. 2015
Node.js
Example 4
by Martin Kruliš (v1.1) 15
Web Programming Languages Usage (March 2013)
PHPASP.NETJSPColdFusionPerlRubyPython
3. 12. 2015
Statistics
by Martin Kruliš (v1.1) 16
Client-server Architectures◦ Strict separation of two application parts
Client - data presentation, user interface Server – business logic, data storage
◦ Both sides are connected via specific API (HTTP) The communication latency and overhead influence
the application design◦ Three-tier architecture
Server part is overloaded, so we separate the data storage and management into separate tier
◦ Thick client Functionality is slowly shifting to the client-side
3. 12. 2015
Server-side Scripting
by Martin Kruliš (v1.1) 17
Specific Issues of the Server Side◦ Traditional web applications
Work in batches – client wants to perform a large task with each HTTP request Download a page full of formatted data Submit a form and generate a response
Difficult state management (HTTP is stateless) Code replication and dependency injections
◦ Modern web applications Just a remote API for AJAX calls Difficult to integrate AJAX API into existing applications,
or create applications that work both ways
3. 12. 2015
Server-side Scripting
by Martin Kruliš (v1.1) 18
Model-View-Controller
3. 12. 2015
Web Design Patterns
Database
View Model
Invoking actions
Dataflow
Controller
by Martin Kruliš (v1.1) 19
Model-View-Controller◦ A guideline how to divide code and responsibility◦ Basis for many frameworks◦ Model
Uniform data API for the application Communicates with DB/file storage/… Simplifies portability to other storage types Transparently handles encoding, integrity checks,
transactions, data pre/post-processing, …
3. 12. 2015
Web Design Patterns
by Martin Kruliš (v1.1) 20
Model-View-Controller◦ View
User interface, data presentation Typically responsible for generating HTML Automatic sanitization of presented data (<,> chars) Translations for multilingual applications Templates
Mechanisms that separate HTML coding from application programming
Allow implementing View features (mentioned above) in declarative (instead of imperative) manner
3. 12. 2015
Web Design Patterns
by Martin Kruliš (v1.1) 21
Model-View-Controller◦ Controller
Integrates business (application) logic Issues commands to view and model Process user requests
Requests for displaying content (typically GET request) Requests for modifying app. status (typically POST req.)
Typically implements other design patterns Front controller, command, …
Alternative – Model-View-Presenter More advanced form of MVC View is more separated and does not access model
directly
3. 12. 2015
Web Design Patterns
by Martin Kruliš (v1.1) 223. 12. 2015
Discussion