NOTES ABOUT WEB SECTION
WEB- & DATABASE TECHNOLOGY CSE1500
CSE TU Delft - Lieke Sanders
→ Notes based on Claudia’s website
HTTP
HTML
JavaScript
Node.js 1
CSS
Node.js 2
Sessions et al
Web security
,HTTP
URL
Anatomy of a URL
<protocol>://<hostname>:<port>/<path>?<query_params>
<protocol> required
(http, https)
<hostname> required
(localhost, google.com, tudelft.nl, cse1500.sendcroissants.me)
<port> optional
80 (this is the default port when no port is specified)
3000
5000
...and any other integer from 0 to 65535
<path> optional
(login, calendar/january/31)
...it's a path, you know what a path is
<query_params> optional
(username=kevin, username=kevin&token=fdfa8e7cc4b3)
key=value pairs separated by &, comes after the ?
Usually used for sending data in a GET request since GET requests can't send
content in the body
Examples
# Ordinary URL, note the <port> is missing, so it defaults to 80
https://google.com
# Pointing to computer's own address, note the port is specified as 3000
# Also note it has a query string with some data
http://localhost:3000/register?username=kevin&password=yeet
,HTTP/HTTPS
HTTPS is HTTP with encryption. The difference between the two protocols is that HTTPS
encrypts normal HTTP requests and responses. As a result, HTTPS is far more secure than
HTTP.
Requests
You should always think of requests as <method> <path>. The client/browser always makes
the request, the server responds.
Long Polling
Long polling emulates a push mechanism that is missing in HTTP/1.1: the client sends an
HTTP request, the server holds the request open until new data is available before sending
its HTTP response. Once the response is sent, the client immediately sends another HTTP
request that is kept open.
Methods
HEAD - subset of GET, only gives back headers (general information, like connection and
cache-control) and not actual content
GET - retrieves data from server
POST - sends data to server
PUT - updates data on server
DELETE - removes data from server
Before using a method, we connect to either telnet or openssl, always start with trying telnet.
Connecting to telnet
telnet *host* 80
80 is the port, host would be the website
Connecting to openssl
openssl s_client -crlf -connect *host*:443
Openssl needs to be used when we want to access something that uses https.
443 is the port for using openssl, host is the website (like tudelft.nl)
, HEAD/GET request
For example, if you want the data on the following page tudelft.nl/wdt, your request would be
GET /wdt HTTP/1.1
host:tudelft.nl
*press enter twice*
So the type of request, the path, then which HTTP you’re using (always 1.1), and then the
host (the website). If we just want the homepage, the path would just be /.
PUT request
For example, if you want to modify a resource, and update it to ‘Hello World!’, you’d do
PUT /put HTTP/1.1
host:tudelft.nl
Content-type:text/plain
Content-length:12
*enter*
Hello World!
*enter*
If you’d make the content length smaller, it’d give a 400 bad request error. If you’d make
content length larger, it’d wait until you’ve reached that larger number by counting your
enters/new lines as characters.